Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/spatialite-5.0.0/src/cutter/gaia_cutter.c
Examining data/spatialite-5.0.0/src/dxf/dxf_loader.c
Examining data/spatialite-5.0.0/src/dxf/dxf_private.h
Examining data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c
Examining data/spatialite-5.0.0/src/dxf/dxf_writer.c
Examining data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c
Examining data/spatialite-5.0.0/src/dxf/dxf_parser.c
Examining data/spatialite-5.0.0/src/md5/gaia_md5.c
Examining data/spatialite-5.0.0/src/md5/md5.c
Examining data/spatialite-5.0.0/src/md5/md5.h
Examining data/spatialite-5.0.0/src/connection_cache/cache_aux_3.h
Examining data/spatialite-5.0.0/src/connection_cache/generator/code_generator.c
Examining data/spatialite-5.0.0/src/connection_cache/cache_aux_2.h
Examining data/spatialite-5.0.0/src/connection_cache/cache_aux_1.h
Examining data/spatialite-5.0.0/src/connection_cache/gg_sequence.c
Examining data/spatialite-5.0.0/src/connection_cache/alloc_cache.c
Examining data/spatialite-5.0.0/src/versioninfo/version.c
Examining data/spatialite-5.0.0/src/topology/gaia_topostmts.c
Examining data/spatialite-5.0.0/src/topology/gaia_topology.c
Examining data/spatialite-5.0.0/src/topology/gaia_auxnet.c
Examining data/spatialite-5.0.0/src/topology/lwn_network_private.h
Examining data/spatialite-5.0.0/src/topology/network_private.h
Examining data/spatialite-5.0.0/src/topology/topology_private.h
Examining data/spatialite-5.0.0/src/topology/gaia_netstmts.c
Examining data/spatialite-5.0.0/src/topology/topo_callbacks.c
Examining data/spatialite-5.0.0/src/topology/lwn_network.h
Examining data/spatialite-5.0.0/src/topology/gaia_auxtopo.c
Examining data/spatialite-5.0.0/src/topology/gaia_network.c
Examining data/spatialite-5.0.0/src/topology/lwn_network.c
Examining data/spatialite-5.0.0/src/topology/net_callbacks.c
Examining data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c
Examining data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgCreateTilesTable.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgBinary.c
Examining data/spatialite-5.0.0/src/geopackage/geopackage_internal.h
Examining data/spatialite-5.0.0/src/geopackage/gpkgCreateTilesZoomLevel.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgMakePoint.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c
Examining data/spatialite-5.0.0/src/geopackage/gpkg_add_spatial_index.c
Examining data/spatialite-5.0.0/src/geopackage/gpkg_get_normal_zoom.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgCreateBaseTables.c
Examining data/spatialite-5.0.0/src/geopackage/gpkg_add_tile_triggers.c
Examining data/spatialite-5.0.0/src/geopackage/gpkg_get_normal_row.c
Examining data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgAddGeometryColumn.c
Examining data/spatialite-5.0.0/src/geopackage/gpkgInsertEpsgSRID.c
Examining data/spatialite-5.0.0/src/geopackage/gpkg_add_geometry_triggers.c
Examining data/spatialite-5.0.0/src/virtualtext/virtualtext.c
Examining data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c
Examining data/spatialite-5.0.0/src/spatialite/extra_tables.c
Examining data/spatialite-5.0.0/src/spatialite/virtualgeojson.c
Examining data/spatialite-5.0.0/src/spatialite/table_cloner.c
Examining data/spatialite-5.0.0/src/spatialite/spatialite.c
Examining data/spatialite-5.0.0/src/spatialite/virtualshape.c
Examining data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c
Examining data/spatialite-5.0.0/src/spatialite/virtualknn.c
Examining data/spatialite-5.0.0/src/spatialite/spatialite_init.c
Examining data/spatialite-5.0.0/src/spatialite/virtualnetwork.c
Examining data/spatialite-5.0.0/src/spatialite/create_routing.c
Examining data/spatialite-5.0.0/src/spatialite/mbrcache.c
Examining data/spatialite-5.0.0/src/spatialite/statistics.c
Examining data/spatialite-5.0.0/src/spatialite/virtualfdo.c
Examining data/spatialite-5.0.0/src/spatialite/virtualelementary.c
Examining data/spatialite-5.0.0/src/spatialite/srid_aux.c
Examining data/spatialite-5.0.0/src/spatialite/virtualdbf.c
Examining data/spatialite-5.0.0/src/spatialite/virtualrouting.c
Examining data/spatialite-5.0.0/src/spatialite/dbobj_scopes.c
Examining data/spatialite-5.0.0/src/spatialite/virtualxpath.c
Examining data/spatialite-5.0.0/src/spatialite/virtualbbox.c
Examining data/spatialite-5.0.0/src/spatialite/virtualXL.c
Examining data/spatialite-5.0.0/src/spatialite/metatables.c
Examining data/spatialite-5.0.0/src/spatialite/pause.c
Examining data/spatialite-5.0.0/src/spatialite/se_helpers.c
Examining data/spatialite-5.0.0/src/spatialite/virtualgpkg.c
Examining data/spatialite-5.0.0/src/gaiageo/lex.Kml.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_gml.c
Examining data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_ewkt.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_endian.c
Examining data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c
Examining data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lempar.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_wkb.c
Examining data/spatialite-5.0.0/src/gaiageo/Kml.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_transform.c
Examining data/spatialite-5.0.0/src/gaiageo/Ewkt.c
Examining data/spatialite-5.0.0/src/gaiageo/geoJSON.c
Examining data/spatialite-5.0.0/src/gaiageo/geoJSON.h
Examining data/spatialite-5.0.0/src/gaiageo/gg_vanuatu.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c
Examining data/spatialite-5.0.0/src/gaiageo/Ewkt.h
Examining data/spatialite-5.0.0/src/gaiageo/gg_voronoj.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_matrix.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_advanced.c
Examining data/spatialite-5.0.0/src/gaiageo/Kml.h
Examining data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_kml.c
Examining data/spatialite-5.0.0/src/gaiageo/lex.VanuatuWkt.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_extras.c
Examining data/spatialite-5.0.0/src/gaiageo/Gml.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_relations.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_geoscvt.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_shape.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_relations_ext.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_geodesic.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_geometries.c
Examining data/spatialite-5.0.0/src/gaiageo/lex.Ewkt.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_wkt.c
Examining data/spatialite-5.0.0/src/gaiageo/vanuatuWkt.h
Examining data/spatialite-5.0.0/src/gaiageo/lex.Gml.c
Examining data/spatialite-5.0.0/src/gaiageo/gg_xml.c
Examining data/spatialite-5.0.0/src/gaiageo/vanuatuWkt.c
Examining data/spatialite-5.0.0/src/gaiageo/Gml.h
Examining data/spatialite-5.0.0/src/shapefiles/shapefiles.c
Examining data/spatialite-5.0.0/src/shapefiles/validator.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_26.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_36.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_25.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_prussian.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_14.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_59.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_41.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_16.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_32.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_57.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_28.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_24.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_19.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_10.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_15.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_44.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_46.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_08.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_17.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_22.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_wgs84_00.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_09.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_03.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_21.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_wgs84_01.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_49.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_58.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_39.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_52.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_55.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_04.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_40.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_50.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_01.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_48.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_38.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_37.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_56.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_06.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_07.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_05.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_12.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_33.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_27.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_53.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_35.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_00.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_11.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_47.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_20.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_13.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_51.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_02.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_34.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_54.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_29.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_extra.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_18.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_30.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_43.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_45.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_31.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_42.c
Examining data/spatialite-5.0.0/src/srsinit/epsg_inlined_23.c
Examining data/spatialite-5.0.0/src/srsinit/srs_init.c
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_wfs.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gaia_network.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_mbr.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_core.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_dynamic.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gaiaexif.h
Examining data/spatialite-5.0.0/src/headers/spatialite/debug.h
Examining data/spatialite-5.0.0/src/headers/spatialite/stored_procedures.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_sequence.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gaia_topology.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gaiamatrix.h
Examining data/spatialite-5.0.0/src/headers/spatialite/control_points.h
Examining data/spatialite-5.0.0/src/headers/spatialite/sqlite.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_formats.h
Examining data/spatialite-5.0.0/src/headers/spatialite/geojson.h
Examining data/spatialite-5.0.0/src/headers/spatialite/spatialite.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_structs.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_dxf.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_advanced.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_const.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gaiaaux.h
Examining data/spatialite-5.0.0/src/headers/spatialite/geopackage.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gg_xml.h
Examining data/spatialite-5.0.0/src/headers/spatialite/gaiageo.h
Examining data/spatialite-5.0.0/src/headers/spatialite.h
Examining data/spatialite-5.0.0/src/headers/spatialite_private.h
Examining data/spatialite-5.0.0/src/wfs/wfs_in.c
Examining data/spatialite-5.0.0/src/control_points/gaia_control_points.c
Examining data/spatialite-5.0.0/src/control_points/grass_georef.c
Examining data/spatialite-5.0.0/src/control_points/grass_crs.h
Examining data/spatialite-5.0.0/src/control_points/grass_crs3d.c
Examining data/spatialite-5.0.0/src/control_points/grass_georef_tps.c
Examining data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c
Examining data/spatialite-5.0.0/src/gaiaaux/gg_utf8.c
Examining data/spatialite-5.0.0/config-msvc.h
Examining data/spatialite-5.0.0/test/scandir4win.h
Examining data/spatialite-5.0.0/test/check_gpkgCreateFeaturesTable.c
Examining data/spatialite-5.0.0/test/check_topology2d.c
Examining data/spatialite-5.0.0/test/check_libxml2.c
Examining data/spatialite-5.0.0/test/check_get_normal_row_bad_geopackage.c
Examining data/spatialite-5.0.0/test/check_relations_fncts.c
Examining data/spatialite-5.0.0/test/check_virtualtable2.c
Examining data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c
Examining data/spatialite-5.0.0/test/check_virtualtable6.c
Examining data/spatialite-5.0.0/test/check_tempgeom.c
Examining data/spatialite-5.0.0/test/check_get_normal_zoom_bad_geopackage.c
Examining data/spatialite-5.0.0/test/check_init.c
Examining data/spatialite-5.0.0/test/check_gaia_util.c
Examining data/spatialite-5.0.0/test/check_sql_stmt_tiny.c
Examining data/spatialite-5.0.0/test/check_map_config.c
Examining data/spatialite-5.0.0/test/check_get_normal_zoom_extension_load.c
Examining data/spatialite-5.0.0/test/check_init2.c
Examining data/spatialite-5.0.0/test/check_virtualtable4.c
Examining data/spatialite-5.0.0/test/check_virtualbbox.c
Examining data/spatialite-5.0.0/test/check_gpkgGetImageFormat.c
Examining data/spatialite-5.0.0/test/check_bufovflw.c
Examining data/spatialite-5.0.0/test/check_fdo_bufovflw.c
Examining data/spatialite-5.0.0/test/check_get_normal_row_bad_geopackage2.c
Examining data/spatialite-5.0.0/test/check_create.c
Examining data/spatialite-5.0.0/test/test_helpers.h
Examining data/spatialite-5.0.0/test/check_sql_stmt_extension.c
Examining data/spatialite-5.0.0/test/routing_test.c
Examining data/spatialite-5.0.0/test/check_virtualxpath.c
Examining data/spatialite-5.0.0/test/check_gpkgCreateTilesTable.c
Examining data/spatialite-5.0.0/test/check_clone_table.c
Examining data/spatialite-5.0.0/test/check_topology3d.c
Examining data/spatialite-5.0.0/test/check_sql_stmt.c
Examining data/spatialite-5.0.0/test/check_cutter.c
Examining data/spatialite-5.0.0/test/check_recover_geom.c
Examining data/spatialite-5.0.0/test/check_gpkgGetImageFormat_webp.c
Examining data/spatialite-5.0.0/test/check_srid_fncts.c
Examining data/spatialite-5.0.0/test/check_geometry_cols.c
Examining data/spatialite-5.0.0/test/fnmatch4win.h
Examining data/spatialite-5.0.0/test/check_add_tile_triggers_bad_table_name.c
Examining data/spatialite-5.0.0/test/check_geoscvt_fncts.c
Examining data/spatialite-5.0.0/test/check_gpkg_base_core_spatial_ref_sys_data_table_def.c
Examining data/spatialite-5.0.0/test/check_shp_load.c
Examining data/spatialite-5.0.0/test/check_exif2.c
Examining data/spatialite-5.0.0/test/check_gpkgConvert.c
Examining data/spatialite-5.0.0/test/check_wfsin.c
Examining data/spatialite-5.0.0/test/check_mbrcache.c
Examining data/spatialite-5.0.0/test/shape_utf8_2.c
Examining data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c
Examining data/spatialite-5.0.0/test/check_fdo2.c
Examining data/spatialite-5.0.0/test/check_drop_rename.c
Examining data/spatialite-5.0.0/test/geojson_test.c
Examining data/spatialite-5.0.0/test/check_sql_stmt_legacy.c
Examining data/spatialite-5.0.0/test/check_math_funcs.c
Examining data/spatialite-5.0.0/test/check_topoplus.c
Examining data/spatialite-5.0.0/test/check_gpkg_base_core_spatial_ref_sys_data_values_default.c
Examining data/spatialite-5.0.0/test/check_gpkgGetImageFormat_png.c
Examining data/spatialite-5.0.0/test/shape_utf8_1.c
Examining data/spatialite-5.0.0/test/check_endian.c
Examining data/spatialite-5.0.0/test/check_toposnap.c
Examining data/spatialite-5.0.0/test/check_gpkgGetImageFormat_nonimage.c
Examining data/spatialite-5.0.0/test/check_wms.c
Examining data/spatialite-5.0.0/test/shape_3d.c
Examining data/spatialite-5.0.0/test/check_sequence.c
Examining data/spatialite-5.0.0/test/check_init_full.c
Examining data/spatialite-5.0.0/test/check_dbf_load.c
Examining data/spatialite-5.0.0/test/check_virtualtable5.c
Examining data/spatialite-5.0.0/test/check_version.c
Examining data/spatialite-5.0.0/test/check_shp_load_3d.c
Examining data/spatialite-5.0.0/test/check_gpkgGetImageFormat_nonblob.c
Examining data/spatialite-5.0.0/test/check_zipshp.c
Examining data/spatialite-5.0.0/test/check_exif.c
Examining data/spatialite-5.0.0/test/check_network3d.c
Examining data/spatialite-5.0.0/test/check_fdo3.c
Examining data/spatialite-5.0.0/test/check_metacatalog.c
Examining data/spatialite-5.0.0/test/check_toponoface2d.c
Examining data/spatialite-5.0.0/test/check_control_points.c
Examining data/spatialite-5.0.0/test/check_virtual_ovflw.c
Examining data/spatialite-5.0.0/test/check_network_log.c
Examining data/spatialite-5.0.0/test/check_gpkgCreateTilesZoomLevel.c
Examining data/spatialite-5.0.0/test/check_spatialindex.c
Examining data/spatialite-5.0.0/test/check_get_normal_zoom.c
Examining data/spatialite-5.0.0/test/check_network2d.c
Examining data/spatialite-5.0.0/test/check_styling.c
Examining data/spatialite-5.0.0/test/check_geom_aux.c
Examining data/spatialite-5.0.0/test/check_gpkgMode.c
Examining data/spatialite-5.0.0/test/check_multithread.c
Examining data/spatialite-5.0.0/test/check_virtualknn.c
Examining data/spatialite-5.0.0/test/check_sql_stmt.h
Examining data/spatialite-5.0.0/test/check_md5.c
Examining data/spatialite-5.0.0/test/fnmatch_impl4win.h
Examining data/spatialite-5.0.0/test/check_add_tile_triggers.c
Examining data/spatialite-5.0.0/test/check_extra_relations_fncts.c
Examining data/spatialite-5.0.0/test/shape_cp1252.c
Examining data/spatialite-5.0.0/test/check_createBaseTables.c
Examining data/spatialite-5.0.0/test/shape_primitives.c
Examining data/spatialite-5.0.0/test/check_virtualtable3.c
Examining data/spatialite-5.0.0/test/shape_utf8_1ex.c
Examining data/spatialite-5.0.0/test/check_gpkgCreateTilesTableMissingSRID.c
Examining data/spatialite-5.0.0/test/check_stored_proc.c
Examining data/spatialite-5.0.0/test/check_extension.c
Examining data/spatialite-5.0.0/test/check_gpkg_base_core_container_data_file_format_application_id.c
Examining data/spatialite-5.0.0/test/check_gaia_utf8.c
Examining data/spatialite-5.0.0/test/check_virtualtable1.c
Examining data/spatialite-5.0.0/test/check_xls_load.c
Examining data/spatialite-5.0.0/test/check_virtualelem.c
Examining data/spatialite-5.0.0/test/check_fdo1.c
Examining data/spatialite-5.0.0/test/check_gpkgVirtual.c
Examining data/spatialite-5.0.0/test/check_gpkgGetImageFormat_tiff.c
Examining data/spatialite-5.0.0/test/check_dxf.c
Examining data/spatialite-5.0.0/test/check_get_normal_zoom_bad_geopackage2.c
Examining data/spatialite-5.0.0/test/check_get_normal_row.c
Examining data/spatialite-5.0.0/test/check_gpkgInsertEpsgSRID.c
Examining data/spatialite-5.0.0/examples/demo3.c
Examining data/spatialite-5.0.0/examples/demo1.c
Examining data/spatialite-5.0.0/examples/demo2.c
Examining data/spatialite-5.0.0/examples/demo4.c
Examining data/spatialite-5.0.0/examples/demo5.c
Parsing failed to find end of parameter list; semicolon terminated it in ("\t\t\tIntRange %I64d / %I64d\n",
#else
printf ("\t\t\tIntRange %lld / %lld\n",
#endif
fld->IntRange->MinValue, fld->IntRange->MaxValue);
if (fld->DoubleRange)
printf ("\t\t\tDo
FINAL RESULTS:
data/spatialite-5.0.0/examples/demo1.c:152:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_geotables[i - 1], table_name);
data/spatialite-5.0.0/examples/demo1.c:178:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (sql, "SELECT * FROM %s", p_geotables[i]);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:154:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_geos_error_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:185:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_geos_warning_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:221:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_rttopo_error_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:263:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_rttopo_warning_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:767:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (vtable->table, table);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1067:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_geos_error_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1091:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_geos_warning_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1115:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_geosaux_error_msg, msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1491:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, value);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1579:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->proj6_cached_string_1, proj_string_1);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1586:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->proj6_cached_string_2, proj_string_2);
data/spatialite-5.0.0/src/connection_cache/gg_sequence.c:92:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (seq->seq_name, seq_name);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:360:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (var->value.textValue, value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:513:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (col->base_name, name);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:517:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (col->type, type);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:735:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geom_name, value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:890:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geom_name, value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1240:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (idx_prefix, db_prefix);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:754:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ext->key, org->key);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:757:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ext->value, org->value);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:783:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (txt->label, label);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:888:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ins->block_id, block_id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:921:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ins->block_id, org->block_id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:1581:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (blk->layer_name, layer);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:1584:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (blk->block_id, id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:1719:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->layer_name, name);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2456:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->curr_layer_name, name);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2468:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->curr_block.layer_name, name);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2480:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->curr_block.block_id, id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2492:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->curr_insert.block_id, id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2504:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->curr_text.label, label);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2532:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->extra_key, key);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2546:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->extra_value, value);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3493:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dxf->filename, path);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:123:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 10, minx, 20, miny, 30, minz);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:128:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 10, maxx, 20, maxy, 30, maxz);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:224:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 10, x, 20, y, 30, z);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:245:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 10, x, 20, y, 30, z);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:246:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (format, "%%3d\r\n%%1.%df\r\n%%3d\r\n%%1.%df\r\n%%3d\r\n%%s\r\n",
data/spatialite-5.0.0/src/dxf/dxf_writer.c:248:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 40, text_height, 50, angle, 1, label);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:298:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 10, x, 20, y, 30, z);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:354:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (dxf->out, format, 10, x, 20, y, 30, z);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:417:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->layer_name, layer), lyr->minx = geom->MinX;
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:586:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, value);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:745:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (value, new_value);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:787:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, sqllog_pk);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1225:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dms, dms0);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1399:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, last + 1);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1429:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, last + 1);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1474:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, path + pos + 1);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:882:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (str, name);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1574:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (str, tag->StringValue);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2347:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (str, human);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:3079:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (latlong, ll);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1481:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, dirty);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1486:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, dirty);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1491:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, dirty);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1496:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, dirty);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1501:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, dirty);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:482:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*ptr, str);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:495:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (c->Value, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:511:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (a->Key, k_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:525:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (a->Value, v_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:560:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (n->Tag, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:594:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (n->Tag, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:620:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (n->Tag, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:660:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*p, str);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:474:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*ptr, str);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:487:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (c->Value, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:503:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (a->Key, k_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:515:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (a->Value, v_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:549:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (n->Tag, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:583:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (n->Tag, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:609:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (n->Tag, tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:649:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*p, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:174:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (gaia_geos_error_msg, msg);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:189:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (gaia_geos_warning_msg, msg);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:204:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (gaia_geosaux_error_msg, msg);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:1677:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (matrix, retMatrix);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:1739:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (matrix, retMatrix);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3213:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3221:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3229:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3239:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, gstr);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3275:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3283:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3291:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3301:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (text, gstr);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:151:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_rttopo_error_msg, msg);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:190:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->gaia_rttopo_warning_msg, msg);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:2350:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geo_hash, result);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:2394:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (x3d, result);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:175:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (field->Value->TxtValue, str);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:229:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->Name, name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:259:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->Name, org->Name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:381:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (value->TxtValue, org->TxtValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:509:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "conversion from '%s' to '%s' not available\n",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:528:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (xpath, "%s.shx", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:533:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for reading: %s", xpath,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:540:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (xpath, "%s.shp", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:545:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for reading: %s", xpath,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:552:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (xpath, "%s.dbf", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:557:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for reading: %s", xpath,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:610:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s'\ninvalid magic number %02x [FoxBASE format]",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:614:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:621:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:629:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s'\ninvalid magic number %02x [dBASE IV format]",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:633:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s'\ninvalid magic number %02x [unknown format]",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:703:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->Path, path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:769:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:777:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:791:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:803:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s' is corrupted / has invalid format", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:806:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:818:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s' shape=%d is not supported", path, shape);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:821:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:834:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s.dbf' contains unsupported data types", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:837:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:850:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s.dbf' field name: invalid character sequence", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:853:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:880:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fld_ex->name, fld->Name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:954:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xfld->Name, buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:956:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (base->name, buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:987:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xfld->Name, buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:989:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (base->name, buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1069:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "conversion from '%s' to '%s' not available\n",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1088:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (xpath, "%s.shx", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1093:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for writing: %s", xpath,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1097:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (xpath, "%s.shp", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1102:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for writing: %s", xpath,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1106:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (xpath, "%s.dbf", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1111:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for writing: %s", xpath,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1148:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, fld->Name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1179:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->Path, path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1331:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1339:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2768:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s' is corrupted / has invalid format", shp->Path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2771:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2785:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2995:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dynbuf, fld->Value->TxtValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3032:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, fld->Value->IntValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3040:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, fmt, fld->Value->DblValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3087:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3116:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3147:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3187:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3290:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3483:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3635:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3796:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4119:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4339:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4405:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4512:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4583:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (shp->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4972:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4995:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for reading: %s", path,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5015:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s'\ninvalid magic number %02x [FoxBASE format]",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5019:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5026:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5034:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s'\ninvalid magic number %02x [dBASE IV format]",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5038:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s'\ninvalid magic number %02x [unknown format]",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5108:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->Path, path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5124:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5132:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5140:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s' is corrupted / has invalid format", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5143:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5153:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5161:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s' contains unsupported data types", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5164:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5173:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "'%s.dbf' field name: invalid character sequence", path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5176:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5223:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "conversion from '%s' to '%s' not available\n",
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5244:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errMsg, "unable to open '%s' for writing: %s", path,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5273:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, fld->Name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5315:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5323:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5390:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dynbuf, fld->Value->TxtValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5427:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, fld->Value->IntValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5435:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, fmt, fld->Value->DblValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5455:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5563:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dbf->LastError, errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2717:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, proj_string);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2782:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, wkt);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:145:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf->Buffer + buf->WriteOffset, text);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:240:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (out, 65536, msg, args);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:261:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (out, 65536, msg, args);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:402:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pSlot->schemaURI, schemaURI);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:549:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, (const char *) cur_node->content);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:656:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, (const char *) cur_node->content);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:744:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, (const char *) cur_node->content);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1108:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1140:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1174:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1264:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1318:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1372:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1481:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1513:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1547:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*string, value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2846:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) encoding, (const char *) (xml_doc->encoding));
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3342:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uri, ptr);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3374:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uri,
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4415:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, (const char *) xml_doc->encoding);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4759:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (version, ver);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:34:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
extern int access(const char *path, int mode);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:1496:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr,format,ap);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3353:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if( access(path,modemask)==0 ) break;
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3434:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if( access(user_templatename,004)==-1 ){
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3456:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if( access(buf,004)==0 ){
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3458:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
}else if( access(templatename,004)==0 ){
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:132:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pi->column, column);
data/spatialite-5.0.0/src/geopackage/gpkgBinary.c:450:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (gtype, type);
data/spatialite-5.0.0/src/headers/spatialite/debug.h:69:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define spatialite_d(...) fprintf(stdout, __VA_ARGS__)
data/spatialite-5.0.0/src/headers/spatialite/debug.h:72:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define spatialite_i(...) fprintf(stdout, __VA_ARGS__)
data/spatialite-5.0.0/src/headers/spatialite/debug.h:73:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define spatialite_e(...) fprintf(stderr, __VA_ARGS__)
data/spatialite-5.0.0/src/md5/gaia_md5.c:113:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (hex, hex_byte);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:226:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ign->column, column);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:323:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) (value->txt_blob_value), (const char *) p);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:629:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, buf);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:784:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:810:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:829:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:877:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (extra, "\n\tcause: %s\n", shp->LastError);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:878:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:992:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(col_name + cnt), dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1019:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(col_name + cnt), dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1038:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1145:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1351:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1370:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1387:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1469:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1493:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "%s\n", shp->LastError);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1592:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1637:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load shapefile error: <%s>\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1648:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "Inserted %d rows into '%s' from SHAPEFILE",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1834:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1864:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: table '%s' already exists\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1892:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (extra, "\n\tcause: %s", dbf->LastError);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1893:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: cannot open '%s'%s",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2006:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(col_name + cnt), dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2025:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(col_name + cnt), dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2043:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: <%s>\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2139:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: <%s>\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2194:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2211:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "%s\n", dbf->LastError);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2299:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load DBF error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2357:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "Inserted %d rows into '%s' from DBF",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2376:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (item->basename, basename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2682:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (mem_shp->dbf.path, filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2697:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (mem_shp->shp.path, filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2709:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (mem_shp->shx.path, filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2721:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (mem_shp->dbf.path, filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2733:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (mem_shp->prj.path, filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3195:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (srsWkt, srs);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3332:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->TableName, table);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3335:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->GeometryName, geometry);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3449:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*table_name, tn + i_dot + 1);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3453:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*table_name, tn);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4409:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (converted, string);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4490:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (converted, string);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4613:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4732:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5021:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf, FRMT64,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5084:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "SELECT failed: %s", sqlite3_errmsg (sqlite));
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5104:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "ERROR: unable to open '%s' for writing", shp_path);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5387:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf, FRMT64,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5447:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "dump DBF file error: %s\n", sqlite3_errmsg (sqlite));
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5467:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "ERROR: unable to open '%s' for writing\n", dbf_path);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5825:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*geoname, x);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6055:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, name);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6684:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (basename, item->basename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6779:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (filename, item->basename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7402:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (coordDims, dims);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7937:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (multi_type, type);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8386:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load XL error: <%s>\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8411:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load XL error: table '%s' already exists\n",
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8692:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "load XL error: %s\n", errMsg);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8708:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "XL datasource '%s' is not valid\n", path);
data/spatialite-5.0.0/src/shapefiles/validator.c:357:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (r->error, error);
data/spatialite-5.0.0/src/shapefiles/validator.c:363:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (r->warning, warning);
data/spatialite-5.0.0/src/shapefiles/validator.c:369:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (r->summary, summary);
data/spatialite-5.0.0/src/shapefiles/validator.c:1020:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Poin%s", pts, (pts > 1) ? "ts" : "t");
data/spatialite-5.0.0/src/shapefiles/validator.c:1022:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Linestrin%s", lns, (lns > 1) ? "gs" : "g");
data/spatialite-5.0.0/src/shapefiles/validator.c:1024:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Polygo%s", pgs, (pgs > 1) ? "ns" : "n");
data/spatialite-5.0.0/src/shapefiles/validator.c:1026:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Poin%s; %d Linestrin%s", pts,
data/spatialite-5.0.0/src/shapefiles/validator.c:1029:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Poin%s; %d Polygo%s", pts, (pts > 1) ? "ts" : "t",
data/spatialite-5.0.0/src/shapefiles/validator.c:1032:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Linestrin%s; %d Polygo%s", lns,
data/spatialite-5.0.0/src/shapefiles/validator.c:1035:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (summary, "%d Poin%s; %d Linestrin%s; %d Polygo%s", pts,
data/spatialite-5.0.0/src/shapefiles/validator.c:1721:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1882:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1909:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1934:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1953:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2080:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2105:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2130:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2153:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2336:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (num, FRMT64, p_r->rowid);
data/spatialite-5.0.0/src/shapefiles/validator.c:2370:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (num, FRMT64, p_r->rowid);
data/spatialite-5.0.0/src/shapefiles/validator.c:2733:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2757:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2783:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2810:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2875:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (r->error, error);
data/spatialite-5.0.0/src/shapefiles/validator.c:2881:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (r->warning, warning);
data/spatialite-5.0.0/src/shapefiles/validator.c:2887:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (r->extra, extra);
data/spatialite-5.0.0/src/shapefiles/validator.c:2942:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3103:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3177:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3354:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (num, FRMT64, p_r->rowid);
data/spatialite-5.0.0/src/shapefiles/validator.c:3389:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (num, FRMT64, p_r->rowid);
data/spatialite-5.0.0/src/shapefiles/validator.c:3674:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3696:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3721:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3746:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/spatialite/create_routing.c:95:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->createRoutingError, errmsg);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1482:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (xid, FRMT64, id);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1510:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (last_code, code);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1922:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) out, input_table);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1930:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) out, from_column);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1938:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) out, to_column);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1950:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) out, geom_column);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1962:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) out, name_column);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1998:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) out, code);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2444:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, geom);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:934:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->table_name, table);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:937:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->column_name, column);
data/spatialite-5.0.0/src/spatialite/metatables.c:3983:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (curr_idx->TableName, p_table);
data/spatialite-5.0.0/src/spatialite/metatables.c:3986:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (curr_idx->ColumnName, p_column);
data/spatialite-5.0.0/src/spatialite/metatables.c:4832:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (curr_idx->TableName, p_table);
data/spatialite-5.0.0/src/spatialite/metatables.c:4835:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (curr_idx->ColumnName, p_column);
data/spatialite-5.0.0/src/spatialite/metatables.c:5395:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_table, name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5433:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_column, name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5502:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_table, name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5543:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_column, name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5603:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fld->AttributeFieldName, column_name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5655:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->TableName, table_name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5658:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->GeometryName, geometry_column);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1491:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (table_name, rtree_table);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1504:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (pkv, FRMT64, pkid);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1600:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (table_name, rtree_table);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1614:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (pkv, FRMT64, pkid);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2063:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (sql, "PRAGMA \"%s\".database_list", xdb_prefix);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2113:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (sql, "PRAGMA \"%s\".table_info(gpkg_geometry_columns)",
data/spatialite-5.0.0/src/spatialite/spatialite.c:2230:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (sql, "PRAGMA \"%s\".table_info(geometry_columns)", xdb_prefix);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2324:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->table, table);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3579:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->table, table);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6906:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (gtype, results[(i * columns)]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11605:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name_malloc, name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11610:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, int_value);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11613:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name_malloc, dummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11621:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name_malloc, xdummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11638:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (desc_malloc, desc);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11643:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, int_value);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11646:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (desc_malloc, dummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11654:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (desc_malloc, xdummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16934:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_result, p_dim);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17147:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_result, p_type);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17236:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_result, p_type);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32061:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (srs, name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35707:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, mime);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:243:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (save, mux[item]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:261:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:269:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[2]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:283:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:295:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:300:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (mux[0], save);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:332:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:339:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[2]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:353:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:365:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:811:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, spheroid);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1005:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, prime_meridian);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1183:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, projection);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1393:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, datum);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1562:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, unit);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1704:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (result, unit);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1781:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*proj_params, proj4text);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1888:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*proj_params, iter->proj4text);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1950:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*wkt, srtext);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1994:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*auth_name_srid, auth);
data/spatialite-5.0.0/src/spatialite/statistics.c:516:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->col_name, col_name);
data/spatialite-5.0.0/src/spatialite/statistics.c:1029:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fld->AttributeFieldName, p->col_name);
data/spatialite-5.0.0/src/spatialite/statistics.c:1954:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (coverage_name, cvg);
data/spatialite-5.0.0/src/spatialite/statistics.c:5059:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(aux->rtrees + (i - 1)), name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1281:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (trigger->name, name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1284:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (trigger->sql, sql);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1305:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (col->from, from);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1308:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (col->to, to);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1351:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fk->references, references);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1359:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fk->on_update, on_update);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1365:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fk->on_delete, on_delete);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1371:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fk->match, match);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1410:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (index->name, name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1432:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (column->name, name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1435:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (column->type, type);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1443:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (column->deflt, deflt);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1691:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (index->create_sql, create_sql);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2134:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cloner->db_prefix, db_prefix);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2137:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cloner->in_table, in_table);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2140:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cloner->out_table, out_table);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:146:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath + 1);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:151:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:363:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (str, buf);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:759:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pC->txtValue,
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:528:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->table, table);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:562:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->MinX, col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:567:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->MinY, col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:572:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->MaxX, col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:577:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->MaxY, col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:582:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->ColSrid, col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:585:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Column + (i - 1)), col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:588:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Type + (i - 1)), col_type);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:116:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, buf);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:170:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath + 1);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:175:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:183:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, pEncoding + 1);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:188:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, pEncoding);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:200:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ColnameCase, pColnameCase + 1);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:205:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ColnameCase, pColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:379:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (str, buf);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:799:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pC->txtValue,
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:176:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:182:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:196:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*real_prefix, db_prefix);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:907:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s?", prefix);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1147:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf, " WHERE ROWID = " FRMT64, rowid);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1342:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, rowid);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1784:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->db_prefix, db_prefix);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1787:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->table, table);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1816:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Column + (i - 1)), col_name);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1819:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Type + (i - 1)), col_type);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1865:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->GeoColumn + (i - 1)), col_name);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:201:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (col->name, name);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:343:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pkv->key, stack->key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:352:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pkv->value, stack->value);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:364:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pkv->value, stack->numvalue);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:644:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (entry->parent_key, parent_key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:853:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (parent_key, stack->key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1009:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (prop->name, stack->key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1024:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (prop->txt_value, stack->value);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1545:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, name);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2288:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath + 1);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2293:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2309:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ColnameCase, pColnameCase + 1);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2314:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ColnameCase, pColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2345:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->TableName, argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2727:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (str, buf);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:3151:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pC->txtValue,
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:344:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s?", prefix);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:434:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf, " WHERE ROWID = " FRMT64, rowid);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:495:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (dummy, FRMT64, rowid);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:620:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->db_prefix, db_prefix);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:623:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->table, table);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:649:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Column + (i - 1)), col_name);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:652:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Type + (i - 1)), col_type);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:680:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->GeoColumn, col_name);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:340:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ctx->table_name, table);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:343:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ctx->column_name, column);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:440:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:446:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:519:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:525:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:639:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:645:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:710:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:716:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:761:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*table_name, tn + i_dot + 1);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:766:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*table_name, tn);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:984:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (row->Name, name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1007:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->FromCode, from_code);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1014:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->ToCode, to_code);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1027:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->Name, name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1423:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pR->Name, pA->Name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1652:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->TableName, table);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1655:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->FromColumn, from);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1658:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->ToColumn, to);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1665:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->GeometryColumn, geom);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1680:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->NameColumn, name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1782:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pN->Code, code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:799:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (row->Name, name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:826:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->FromCode, from_code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:833:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->ToCode, to_code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:896:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->Name, name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1373:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pR->Name, pA->Name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1431:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pR->Name, pA->Name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1891:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (row->Undefined, code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3691:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (row->Undefined, code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3701:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (row->Undefined, code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4347:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(to->Codes + 0), destination->Code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4986:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->TableName, table);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4989:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->FromColumn, from);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4992:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->ToColumn, to);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4999:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->GeometryColumn, geom);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5014:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (graph->NameColumn, name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5118:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pN->Code, code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5318:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->codNodeFrom, node_from);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5321:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->codNodeTo, node_to);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6084:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->codNode, node);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6144:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->codNode, node);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6541:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, xname);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6889:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (code, p_node_to->codNode);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6942:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (code, p2p->toCandidate->codNodeFrom);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:178:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, buf);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:236:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath + 1);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:241:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:249:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, pEncoding + 1);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:254:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, pEncoding);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:269:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ColnameCase, pColnameCase + 1);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:274:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ColnameCase, pColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:303:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->TableName, argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:693:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (str, buf);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:1146:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pC->txtValue,
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:202:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:208:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:214:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rowid, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:286:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:292:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:409:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:415:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:421:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rowid, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:490:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rt, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:496:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (rg, v);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:545:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*table_name, tn + i_dot + 1);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:550:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*table_name, tn);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:195:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ns->Prefix, prefix);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:199:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ns->Href, href);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:289:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (out, 65536, msg, args);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:806:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cursor->xpathExpr, exp);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:92:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->ref_sys_name, name);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:95:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->proj4text, proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:120:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->srs_wkt, wkt);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:205:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (name, line + 2);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:128:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->ref_sys_name, name);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:131:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->proj4text, proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:134:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->srtext, srtext);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:137:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->unit, unit);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:140:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->axis_1, axis_1);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:143:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->orientation_1, orientation_1);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:146:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->axis_2, axis_2);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:149:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->orientation_2, orientation_2);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:152:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->spheroid, spheroid);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:155:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->prime_meridian, prime_meridian);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:158:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->datum, datum);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:161:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->projection, projection);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:55:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (crs->proj4text, proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:129:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (proj4text, crs->proj4text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:125:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->auth_name, auth_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:136:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->ref_sys_name, ref_sys_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:206:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->auth_name, auth_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:217:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->ref_sys_name, ref_sys_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:228:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->spheroid, spheroid);
data/spatialite-5.0.0/src/srsinit/srs_init.c:236:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->prime_meridian, prime_meridian);
data/spatialite-5.0.0/src/srsinit/srs_init.c:244:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->datum, datum);
data/spatialite-5.0.0/src/srsinit/srs_init.c:252:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->projection, projection);
data/spatialite-5.0.0/src/srsinit/srs_init.c:260:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->unit, unit);
data/spatialite-5.0.0/src/srsinit/srs_init.c:268:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->axis_1, axis_1);
data/spatialite-5.0.0/src/srsinit/srs_init.c:276:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->orientation_1, orientation_1);
data/spatialite-5.0.0/src/srsinit/srs_init.c:284:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->axis_2, axis_2);
data/spatialite-5.0.0/src/srsinit/srs_init.c:292:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->orientation_2, orientation_2);
data/spatialite-5.0.0/src/srsinit/srs_init.c:320:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->proj4text, text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:329:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, p->proj4text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:332:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (p->proj4text, text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:350:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p->srs_wkt, text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:359:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, p->srs_wkt);
data/spatialite-5.0.0/src/srsinit/srs_init.c:362:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (p->srs_wkt, text);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:125:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->storedProcError, errmsg);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:230:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (val, str + start);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:463:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sql, xsql);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1634:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_value, var_with_val);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2308:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (log, FRMT64, int64);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2467:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cache->SqlProcLogfile, filepath);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1195:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xnetwork_name, str);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1514:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (net->last_error_message, msg);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2138:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xtopology_name, str);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2581:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (topo->last_error_message, msg);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6307:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geometry_name, dummy);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7238:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geometry_name, dummy);
data/spatialite-5.0.0/src/topology/gaia_network.c:2920:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xx_table, table_name);
data/spatialite-5.0.0/src/topology/gaia_network.c:2925:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xx_column, column_name);
data/spatialite-5.0.0/src/topology/gaia_network.c:3901:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xnetwork_name, str);
data/spatialite-5.0.0/src/topology/gaia_topology.c:157:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pI->name, name);
data/spatialite-5.0.0/src/topology/gaia_topology.c:160:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pI->type, type);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3924:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xx_table, table_name);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3929:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xx_column, column_name);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7882:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xtopology_name, str);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8889:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xreftable, ref_table);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8891:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (xrefcolumn, ref_column);
data/spatialite-5.0.0/src/topology/lwn_network.c:414:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (iface->errorMsg, message);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:124:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buffer + 1, value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:126:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (value, buffer);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:145:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buffer + 1, value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:147:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (value, buffer);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:196:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath + 1);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:201:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, pPath);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:209:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, pEncoding + 1);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:214:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (encoding, pEncoding);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:277:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (sql, "CREATE TABLE %s (ROWNO INTEGER)", vtable);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:291:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (sql, "CREATE TABLE %s (ROWNO INTEGER", vtable);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:297:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dummyName, "\"%s\"", text->columns[i].name);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:310:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(col_name + i), dummyName);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:311:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (sql, dummyName);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:369:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (str, buf);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:547:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:559:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:778:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pC->txtValue,
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:867:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:878:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1306:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buffer, string);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1381:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (txt->columns[col_no].name, utf8text);
data/spatialite-5.0.0/src/wfs/wfs_in.c:206:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (col->name, name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:233:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geo->geometry_name, name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:325:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ptr->layer_name, layer_name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:458:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ptr->srs_name, srs_name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:471:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ptr->keyword, keyword);
data/spatialite-5.0.0/src/wfs/wfs_in.c:484:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->name, name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:491:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->title, title);
data/spatialite-5.0.0/src/wfs/wfs_in.c:499:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lyr->abstract, abstract);
data/spatialite-5.0.0/src/wfs/wfs_in.c:832:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ptr->version, version);
data/spatialite-5.0.0/src/wfs/wfs_in.c:926:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (out, 65536, msg, args);
data/spatialite-5.0.0/src/wfs/wfs_in.c:942:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, (char *) (node->content));
data/spatialite-5.0.0/src/wfs/wfs_in.c:960:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*describe_uri, p_base);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1302:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errBuf.Buffer);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1317:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1927:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, err);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1948:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (attr->value, col->pValue);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1972:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (geometry->geometry_value, geo->geometry_value);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2258:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pk_candidate, auto_pk_name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2276:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (auto_pk_name, pk_candidate);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2279:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (pk_candidate, "%s_%d", auto_pk_name, num);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2319:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (auto_pk_name, pk_column_name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2406:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2459:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2483:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2569:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2587:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3497:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errBuf.Buffer);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3509:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (describe_uri, alt_describe_uri);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3526:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3574:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, err);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3731:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, (const char *) (node->content));
data/spatialite-5.0.0/src/wfs/wfs_in.c:4167:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, errBuf.Buffer);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4457:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (url2, url);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4510:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (url2, url);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4702:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4722:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4900:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*err_msg, msg);
data/spatialite-5.0.0/test/check_bufovflw.c:1146:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1201:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1256:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1311:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1364:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1419:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1474:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1530:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1584:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1642:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_bufovflw.c:1701:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (string, value);
data/spatialite-5.0.0/test/check_dxf.c:888:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-legacy-3.0.1.sqlite copy-dxf-legacy-3.0.1.sqlite");
data/spatialite-5.0.0/test/check_dxf.c:1099:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-legacy-3.0.1.sqlite copy-dxf-legacy-3.0.1.sqlite");
data/spatialite-5.0.0/test/check_dxf.c:1307:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-legacy-3.0.1.sqlite copy-dxf-legacy-3.0.1.sqlite");
data/spatialite-5.0.0/test/check_fdo1.c:83:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp sql_stmt_tests/testFDO.sqlite testFDO.sqlite");
data/spatialite-5.0.0/test/check_fdo3.c:73:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp sql_stmt_tests/testFGF.sqlite testFGF.sqlite");
data/spatialite-5.0.0/test/check_gpkgConvert.c:219:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp ./gpkg_test.sqlite copy-gpkg_test.sqlite");
data/spatialite-5.0.0/test/check_gpkgConvert.c:272:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("cp ./test-legacy-3.0.1.sqlite copy-test-legacy-3.0.1.sqlite");
data/spatialite-5.0.0/test/check_gpkgVirtual.c:482:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp ./gpkg_test.gpkg copy-gpkg_test.gpkg");
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:268:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fulltoken, token);
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:270:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (fulltoken, nexttoken);
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:191:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fulltoken, token);
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:193:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (fulltoken, nexttoken1);
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:195:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (fulltoken, nexttoken2);
data/spatialite-5.0.0/test/check_spatialindex.c:1777:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system
data/spatialite-5.0.0/test/check_spatialindex.c:1843:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system
data/spatialite-5.0.0/test/check_sql_stmt.h:146:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (conn->db_path, database_name);
data/spatialite-5.0.0/test/check_sql_stmt.h:865:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system
data/spatialite-5.0.0/test/check_virtual_ovflw.c:347:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp sql_stmt_tests/testdb1.sqlite testdb1.sqlite");
data/spatialite-5.0.0/test/check_virtualtable2.c:1191:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-legacy-3.0.1.sqlite copy-virt2-legacy-3.0.1.sqlite");
data/spatialite-5.0.0/test/routing_test.c:1157:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp orbetello.sqlite copy-orbetello.sqlite");
data/spatialite-5.0.0/test/scandir4win.h:71:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, dirname);
data/spatialite-5.0.0/test/shape_primitives.c:999:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system
data/spatialite-5.0.0/test/shape_primitives.c:1038:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-invalid.sqlite copy-invalid.sqlite");
data/spatialite-5.0.0/test/shape_primitives.c:1086:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-invalid.sqlite copy-invalid.sqlite");
data/spatialite-5.0.0/test/shape_primitives.c:1131:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system ("cp test-legacy-2.3.1.sqlite copy-legacy-2.3.1.sqlite");
data/spatialite-5.0.0/test/shape_utf8_1.c:426:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("cp test-legacy-3.0.1.sqlite copy-utf8_1-legacy-3.0.1.sqlite");
data/spatialite-5.0.0/test/shape_utf8_1ex.c:431:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:410:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tinyPoint = getenv ("SPATIALITE_TINYPOINT");
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:514:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv ("PROJ_LIB") != NULL)
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:515:43: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
proj_db = sqlite3_mprintf ("%s/proj.db", getenv ("PROJ_LIB"));
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:561:48: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sqlite3_mprintf ("%s\\spatialite\\proj", getenv ("PUBLIC"));
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:564:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv ("PUBLIC"));
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:578:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv ("USERPROFILE"));
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:581:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv ("USERPROFILE"));
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1264:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection (&gaia_cache_semaphore);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1289:5: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection (&gaia_cache_semaphore);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3337:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
pathlist = getenv("PATH");
data/spatialite-5.0.0/src/spatialite/spatialite.c:428:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
char random[40];
data/spatialite-5.0.0/src/spatialite/spatialite.c:429:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
char *p = random;
data/spatialite-5.0.0/src/spatialite/spatialite.c:440:40: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
table = sqlite3_mprintf ("tmp_%s", random);
data/spatialite-5.0.0/src/spatialite/spatialite.c:50792:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
security_level = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_add_tile_triggers.c:66:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_get_normal_row.c:69:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_gpkgCreateTilesZoomLevel.c:66:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_gpkgGetImageFormat.c:67:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_png.c:67:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_tiff.c:67:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_webp.c:67:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_multithread.c:441:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
security_level = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_multithread.c:633:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
security_level = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_multithread.c:793:8: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
x = random () % list->count;
data/spatialite-5.0.0/test/check_multithread.c:881:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_var = getenv ("SPATIALITE_MULTITHREAD_TEST");
data/spatialite-5.0.0/test/check_multithread.c:892:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_var = getenv ("SPATIALITE_NUM_THREADS");
data/spatialite-5.0.0/test/check_multithread.c:907:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand (getpid ());
data/spatialite-5.0.0/test/check_multithread.c:909:5: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom (getpid ());
data/spatialite-5.0.0/test/check_sql_stmt.h:586:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
security_level = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_sql_stmt.h:892:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
security_level = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_sql_stmt.h:955:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
security_level = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_stored_proc.c:2118:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_toponoface2d.c:799:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_topoplus.c:4285:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/check_zipshp.c:70:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/test/geojson_test.c:149:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_SPATIALITE_SECURITY_ENV = getenv ("SPATIALITE_SECURITY");
data/spatialite-5.0.0/examples/demo1.c:38:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[256];
data/spatialite-5.0.0/examples/demo1.c:123:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/examples/demo3.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[256];
data/spatialite-5.0.0/examples/demo3.c:90:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT InitSpatialMetadata(1)");
data/spatialite-5.0.0/examples/demo3.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE test (");
data/spatialite-5.0.0/examples/demo3.c:106:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "PK INTEGER NOT NULL PRIMARY KEY)");
data/spatialite-5.0.0/examples/demo3.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT AddGeometryColumn('test', 'geom', 3003, 'POINT', 2)");
data/spatialite-5.0.0/examples/demo3.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT CreateSpatialIndex('test', 'geom')");
data/spatialite-5.0.0/examples/demo3.c:157:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "BEGIN");
data/spatialite-5.0.0/examples/demo3.c:173:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO test (pk, geom) VALUES (?, ?)");
data/spatialite-5.0.0/examples/demo3.c:246:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "COMMIT");
data/spatialite-5.0.0/examples/demo3.c:261:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "ANALYZE test");
data/spatialite-5.0.0/examples/demo3.c:279:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM test ");
data/spatialite-5.0.0/examples/demo3.c:280:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE MbrWithin(geom, BuildMbr(");
data/spatialite-5.0.0/examples/demo3.c:281:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000400.5, 4000400.5, ");
data/spatialite-5.0.0/examples/demo3.c:282:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000450.5, 4000450.5))");
data/spatialite-5.0.0/examples/demo3.c:299:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
printf ("Count(*) = %d\t\t[elapsed time: %1.4f]\n", atoi (count),
data/spatialite-5.0.0/examples/demo3.c:314:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM test ");
data/spatialite-5.0.0/examples/demo3.c:315:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE MbrWithin(geom, BuildMbr(");
data/spatialite-5.0.0/examples/demo3.c:316:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000400.5, 4000400.5, ");
data/spatialite-5.0.0/examples/demo3.c:317:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000450.5, 4000450.5)) AND ROWID IN (");
data/spatialite-5.0.0/examples/demo3.c:318:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT pkid FROM idx_test_geom WHERE ");
data/spatialite-5.0.0/examples/demo3.c:319:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "xmin > 1000400.5 AND ");
data/spatialite-5.0.0/examples/demo3.c:320:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "xmax < 1000450.5 AND ");
data/spatialite-5.0.0/examples/demo3.c:321:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ymin > 4000400.5 AND ");
data/spatialite-5.0.0/examples/demo3.c:322:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ymax < 4000450.5)");
data/spatialite-5.0.0/examples/demo3.c:343:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
printf ("Count(*) = %d\t\t[elapsed time: %1.4f]\n", atoi (count),
data/spatialite-5.0.0/examples/demo4.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[256];
data/spatialite-5.0.0/examples/demo4.c:90:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT InitSpatialMetadata(1)");
data/spatialite-5.0.0/examples/demo4.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE test (");
data/spatialite-5.0.0/examples/demo4.c:106:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "PK INTEGER NOT NULL PRIMARY KEY)");
data/spatialite-5.0.0/examples/demo4.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT AddGeometryColumn('test', 'geom', 3003, 'POINT', 2)");
data/spatialite-5.0.0/examples/demo4.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT CreateMbrCache('test', 'geom')");
data/spatialite-5.0.0/examples/demo4.c:157:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "BEGIN");
data/spatialite-5.0.0/examples/demo4.c:173:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO test (pk, geom) VALUES (?, ?)");
data/spatialite-5.0.0/examples/demo4.c:246:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "COMMIT");
data/spatialite-5.0.0/examples/demo4.c:261:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "ANALYZE test");
data/spatialite-5.0.0/examples/demo4.c:279:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM test ");
data/spatialite-5.0.0/examples/demo4.c:280:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE MbrWithin(geom, BuildMbr(");
data/spatialite-5.0.0/examples/demo4.c:281:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000400.5, 4000400.5, ");
data/spatialite-5.0.0/examples/demo4.c:282:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000450.5, 4000450.5))");
data/spatialite-5.0.0/examples/demo4.c:299:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
printf ("Count(*) = %d\t\t[elapsed time: %1.4f]\n", atoi (count),
data/spatialite-5.0.0/examples/demo4.c:314:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM test ");
data/spatialite-5.0.0/examples/demo4.c:315:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE ROWID IN (");
data/spatialite-5.0.0/examples/demo4.c:316:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT rowid FROM cache_test_geom WHERE ");
data/spatialite-5.0.0/examples/demo4.c:317:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/examples/demo4.c:340:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
printf ("Count(*) = %d\t\t[elapsed time: %1.4f]\n", atoi (count),
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:413:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi (tinyPoint) != 0)
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (res, str, len);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1518:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (blob, value, size);
data/spatialite-5.0.0/src/connection_cache/generator/code_generator.c:55:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max = atoi (argv[1]);
data/spatialite-5.0.0/src/connection_cache/generator/code_generator.c:68:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("cache_aux_1.h", "w");
data/spatialite-5.0.0/src/connection_cache/generator/code_generator.c:91:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("cache_aux_2.h", "w");
data/spatialite-5.0.0/src/connection_cache/generator/code_generator.c:118:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("cache_aux_3.h", "w");
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:690:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) > 0)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:738:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
geom_srid = atoi (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:740:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
geom_type = atoi (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:845:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) > 0)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:893:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
geom_srid = atoi (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:895:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
geom_type = atoi (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:989:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) > 0)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1110:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1228:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) == 1)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1293:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (idx_prefix, "TEMP");
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1459:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) > 0)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1462:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(tbl, name, type, atoi (notnull), GAIA_CUTTER_INPUT_PK,
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1463:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi (value)) == NULL)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1517:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) > 0)
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1520:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(tbl, name, type, atoi (notnull), GAIA_CUTTER_BLADE_PK,
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1521:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi (value)) == NULL)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:355:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:394:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:396:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:398:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1001 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:485:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:524:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:526:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:528:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1001 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:608:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:648:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:650:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 2 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:652:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1002 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:732:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:771:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:773:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 3 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:775:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1003 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:861:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:887:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:925:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:927:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 6)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:948:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:950:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 5)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1357:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1396:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1398:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1400:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1001 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2202:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2241:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2243:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2245:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1001 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2328:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2368:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2370:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 2 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2372:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1002 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2455:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2494:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2496:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 3 && !is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2498:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 1003 && is3D)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2587:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2613:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2651:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2653:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 6)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2674:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 0]) == srid)
data/spatialite-5.0.0/src/dxf/dxf_loader.c:2676:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 1]) == 5)
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2700:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dxf->op_code = atoi (line);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3181:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi (line) & 0x01) == 0x01)
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3203:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi (line) & 0x01) == 0x01)
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3488:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dxf->filename, start, len);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3503:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[4192];
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3514:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "rb");
data/spatialite-5.0.0/src/dxf/dxf_writer.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[128];
data/spatialite-5.0.0/src/dxf/dxf_writer.c:120:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/dxf/dxf_writer.c:125:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/dxf/dxf_writer.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[128];
data/spatialite-5.0.0/src/dxf/dxf_writer.c:221:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/dxf/dxf_writer.c:234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[128];
data/spatialite-5.0.0/src/dxf/dxf_writer.c:242:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/dxf/dxf_writer.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[128];
data/spatialite-5.0.0/src/dxf/dxf_writer.c:295:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/dxf/dxf_writer.c:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[128];
data/spatialite-5.0.0/src/dxf/dxf_writer.c:351:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_value[1024];
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:780:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:921:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, p_start, len);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:923:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*value = atoi (buf);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:962:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, p_start, len);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1214:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[256];
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1215:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format,
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1369:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (name, path, dirlen);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:886:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str, name, len - 1);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:897:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[2];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:942:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:995:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1080:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tag->ByteValue, ptr, tag->Count);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1086:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tag->StringValue, ptr, tag->Count);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1204:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tag->TagOffset, blob + offset + 8, 4);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1578:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str, tag->StringValue, len - 1);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1760:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1024];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2229:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%u ISO", *(tag->ShortValues + 0));
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2237:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%u pixels", *(tag->ShortValues + 0));
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2242:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%u pixels", *(tag->LongValues + 0));
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2255:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "1/%1.0f sec", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2260:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%1.0f sec", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2278:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%1.0f sec", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2283:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "1/%1.0f sec", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2295:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "F %1.1f", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2308:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "F %1.1f", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2319:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%1.1f mm", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2327:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%u mm", *(tag->ShortValues + 0));
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2337:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%1.2f EV", dblval);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str, human, len - 1);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2604:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jpeg1_signature[2];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2605:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jpeg2_signature[2];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2606:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jpeg3_signature[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2607:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jfif_signature[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2608:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exif_signature[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2609:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char png_signature[8];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2610:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zip_signature[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2611:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tiff_signature_little[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2612:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tiff_signature_big[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2613:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char riff_signature[4];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2614:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char webp_signature[8];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2615:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jp2_little[12];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2616:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jp2_big[12];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:3004:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ll[1024];
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:3074:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (ll, "%02d°%02d′%02d″%c %03d°%02d′%02d″%c",
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:3082:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (latlong, ll, ll_size - 1);
data/spatialite-5.0.0/src/gaiageo/Ewkt.c:1174:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char yycoverage[YYNSTATE][YYNTOKEN];
data/spatialite-5.0.0/src/gaiageo/Gml.c:624:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char yycoverage[YYNSTATE][YYNTOKEN];
data/spatialite-5.0.0/src/gaiageo/Kml.c:624:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char yycoverage[YYNSTATE][YYNTOKEN];
data/spatialite-5.0.0/src/gaiageo/geoJSON.c:1191:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char yycoverage[YYNSTATE][YYNTOKEN];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:66:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:81:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[2];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:178:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:231:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:283:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[8];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:352:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[8];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:421:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[2];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:466:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:519:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:572:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[4];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:625:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[8];
data/spatialite-5.0.0/src/gaiageo/gg_endian.c:694:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[8];
data/spatialite-5.0.0/src/gaiageo/gg_ewkt.c:1833:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1024];
data/spatialite-5.0.0/src/gaiageo/gg_ewkt.c:1880:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (dummy + 5);
data/spatialite-5.0.0/src/gaiageo/gg_geometries.c:2015:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Interiors, save, (sizeof (gaiaRing) * p->NumInteriors));
data/spatialite-5.0.0/src/gaiageo/gg_geometries.c:2050:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (polyg->Interiors, old_interiors,
data/spatialite-5.0.0/src/gaiageo/gg_geometries.c:2052:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (polyg->Interiors + polyg->NumInteriors, ring,
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:519:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (a->Value, startingPointForCopy, bytesToCopy);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:677:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (attr->Value + 5);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:688:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (attr->Value + i + 1);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:702:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (attr->Value + i + 1);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:738:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (attr->Value) == 3)
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:745:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (attr->Value) == 3)
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:986:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:1216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:509:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (a->Value, v_tok->value + 1, len - 1);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:712:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:873:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:646:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p1->gaiaBlob, p_blob1, 46);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p2->gaiaBlob, p_blob2, 46);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xpath[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:480:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_shx[256];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:484:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:489:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:491:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errMsg[4192];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:493:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:517:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "a NULL charset-name was passed\n");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:522:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:529:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_shx = fopen (xpath, "rb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:541:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_shp = fopen (xpath, "rb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:553:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_dbf = fopen (xpath, "rb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:667:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (field_name, bf, 11);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:675:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (field_name, bf, 11);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:690:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (field_name, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:917:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, xfld->Name, 9);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1039:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xpath[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1045:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errMsg[4192];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1052:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1053:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1077:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "a NULL charset-name was passed\n");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1082:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1089:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_shx = fopen (xpath, "wb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1098:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_shp = fopen (xpath, "wb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1107:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_dbf = fopen (xpath, "wb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1156:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "FLD#%d", defaultId++);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1162:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "FLD#%d", defaultId++);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1165:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf_shp, buf, strlen (buf));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1415:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1416:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1426:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, buf_dbf + pFld->Offset + 1, pFld->Length);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1466:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[5];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1475:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
year = atoi (date);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1479:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
month = atoi (date);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1483:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
day = atoi (date);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1525:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1753:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1778:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errMsg[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2745:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (text, shp->BufDbf + pFld->Offset + 1, pFld->Length);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2782:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "Invalid character sequence at DBF line %d", current_row);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2924:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[128];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2925:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[16];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2952:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2982:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (shp->BufDbf + fld->Offset + 1,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3014:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dynbuf, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3017:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (shp->BufDbf + fld->Offset + 1, dynbuf,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3020:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (shp->BufDbf + fld->Offset + 1, dynbuf,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3034:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (shp->BufDbf + fld->Offset + 1,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3039:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (fmt, "%%1.%df", fld->Decimals);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3042:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (shp->BufDbf + fld->Offset + 1,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3081:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3110:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3141:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3181:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3284:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3477:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3629:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3790:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4113:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4333:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4399:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4506:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dummy,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4580:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "Invalid character sequence");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4666:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4947:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4952:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4954:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errMsg[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4956:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4981:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "a NULL charset-name was passed\n");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4986:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "attempting to reopen an already opened DBF\n");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4991:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_dbf = fopen (path, "rb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5072:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (field_name, bf, 11);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5080:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (field_name, bf, 11);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5095:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (field_name, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5198:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errMsg[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5231:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "a NULL charset-name was passed\n");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5236:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "attempting to reopen an already opened DBF file\n");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5240:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_dbf = fopen (path, "wb");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5281:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "FLD#%d", defaultId++);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5284:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5287:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "FLD#%d", defaultId++);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5290:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (bf, buf, strlen (buf));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[128];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[16];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5377:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dbf->BufDbf + fld->Offset + 1,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5409:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dynbuf, utf8buf, 2048 - utf8len);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5412:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dbf->BufDbf + fld->Offset + 1, dynbuf,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5415:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dbf->BufDbf + fld->Offset + 1, dynbuf,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5429:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dbf->BufDbf + fld->Offset + 1,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5434:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (fmt, "%%1.%df", fld->Decimals);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5437:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dbf->BufDbf + fld->Offset + 1,
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5452:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "Invalid character sequence");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5468:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bf[64];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errMsg[1024];
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5537:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (text, dbf->BufDbf + pFld->Offset + 1, pFld->Length);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5559:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "Invalid character sequence");
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5560:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errMsg, "Invalid character sequence at DBF line %d", current_row);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2700:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xsrid[64];
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2702:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xsrid, "%d", auth_srid);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2734:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xsrid[64];
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2735:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2736:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *options[4];
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2741:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xsrid, "%d", auth_srid);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2771:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "INDENTATION_WIDTH=%d", indentation);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2831:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2836:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%d", auth_srid);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:3881:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[16];
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:3890:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hex, "%02X", *(wkb + i));
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:4716:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xtype[4];
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:4727:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xtype, blob + offset + 1, 4);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:4937:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xtype[4];
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:4960:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xtype, blob + 1, 4);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5037:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5038:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char endian_buf[16];
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5039:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte[3];
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5212:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5240:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5253:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5277:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5295:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5302:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5311:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5321:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5331:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5338:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5364:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5382:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5399:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5406:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5415:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5425:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5435:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5442:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5469:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5487:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5495:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5512:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5519:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5528:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5538:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5548:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5555:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5567:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5584:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5591:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5600:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5610:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5620:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:5627:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (byte, "%02X", endian_buf[i]);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:88:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buffer, "nan");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:139:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (new_buf, buf->Buffer, buf->WriteOffset);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:1991:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:2000:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "SRID=%d;", geom->Srid);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3259:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:MultiPoint>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3261:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:MultiPoint srsName=\"EPSG:%d\">", geom->Srid);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3267:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:MultiCurve>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3269:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:MultiCurve srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3275:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:MultiLineString>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3277:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf,
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3286:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:MultiSurface>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3288:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:MultiSurface srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3294:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:MultiPolygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3296:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:MultiPolygon srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3302:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:MultiGeometry>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3304:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:MultiGeometry srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3317:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3319:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:pointMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3320:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:Point>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3325:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:Point>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3327:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:Point srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3334:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:pos srsDimension=\"3\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3336:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:pos srsDimension=\"2\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3339:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3383:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:pos>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3385:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3388:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:Point>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3390:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3392:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:pointMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3395:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:Point>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3408:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3410:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:curveMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3411:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:Curve>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3412:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:segments>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3413:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LineStringSegment>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3416:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"3\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3418:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"2\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3423:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3425:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:lineStringMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3426:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LineString>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3427:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3435:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:Curve>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3437:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:Curve srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3439:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:segments>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3440:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LineStringSegment>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3443:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"3\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3445:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"2\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3450:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:LineString>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3452:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:LineString srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3454:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3540:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:posList>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3541:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LineStringSegment>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3542:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:segments>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3543:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:Curve>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3545:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3547:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:curveMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3551:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3552:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LineString>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3554:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3556:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:lineStringMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3563:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:posList>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3564:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LineStringSegment>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3565:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:segments>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3566:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:Curve>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3570:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3571:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LineString>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3587:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3589:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:surfaceMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3590:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:Polygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3591:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:exterior>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3592:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3595:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"3\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3597:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"2\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3602:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3604:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:polygonMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3605:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:Polygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3606:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:outerBoundaryIs>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3607:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3608:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3614:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:Polygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3616:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "<gml:Polygon srsName=\"EPSG:%d\">",
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3620:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:exterior>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3621:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3624:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"3\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3626:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"2\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3630:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:outerBoundaryIs>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3631:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3632:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3717:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:posList>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3718:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3719:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:exterior>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3723:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3724:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3725:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:outerBoundaryIs>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3734:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:interior>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3735:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3738:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"3\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3740:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:posList srsDimension=\"2\">");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3744:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "<gml:innerBoundaryIs>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3745:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3746:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "<gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3832:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:posList>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3833:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3834:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:interior>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3838:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:coordinates>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3839:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:LinearRing>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3840:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:innerBoundaryIs>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3849:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:Polygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3851:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3853:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:surfaceMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3857:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:Polygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3859:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:geometryMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3861:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buf, "</gml:polygonMember>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3865:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "</gml:Polygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3877:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "</gml:MultiPoint>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3881:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "</gml:MultiCurve>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3883:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "</gml:MultiLineString>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3887:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "</gml:MultiSurface>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3889:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "</gml:MultiPolygon>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3892:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "</gml:MultiGeometry>");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3920:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char crs[2048];
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3926:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endJson[16];
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3941:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (crs,
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3948:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (crs,
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3999:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4006:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4013:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4020:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4051:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4057:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4063:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4069:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (endJson, "]}");
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:113:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr->prefix, prefix, len + 1);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:121:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr->href, href, len + 1);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[65536];
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[65536];
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:559:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open)
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:666:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open)
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:754:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open)
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:803:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open)
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1850:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, schemaURI, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1860:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, fileIdentifier, fileid_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1871:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, parentIdentifier, parentid_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1882:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, name, name_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1893:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, title, title_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1904:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, abstract, abstract_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1915:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, geometry, geometry_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1924:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, zip_buf, zip_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1931:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, xml, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2188:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, schemaURI, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2198:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, fileIdentifier, fileid_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2208:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, parentIdentifier, parentid_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2218:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, name, name_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2228:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, title, title_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2238:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, abstract, abstract_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2248:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, geometry, geometry_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2257:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, zip_buf, out_zip_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2263:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, zip_buf, out_zip_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2270:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, xml, out_xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2506:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xx[2];
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2729:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (output, buf.Buffer, buf.WriteOffset);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2828:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2852:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy ((char *) encoding, "UTF-8");
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2979:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3077:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "wb");
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3283:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (uri, blob + 14, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3418:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (file_identifier, ptr, fileid_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3453:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (parent_identifier, ptr, parentid_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3574:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (schemaURI, blob + 14, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3614:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3701:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (schemaURI, blob + 14, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3741:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3923:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (schemaURI, blob + 14, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3963:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4053:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (schemaURI, blob + 14, uri_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4093:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (name, ptr, name_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4210:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (title, ptr, title_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4260:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (abstract, ptr, abstract_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4317:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (geometry, ptr, geometry_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4396:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4710:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (xml, ptr, xml_len);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:88:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&zBuf[*pnUsed], zIn, nIn);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zTemp[50];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:1522:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
azDefine = (char **) realloc(azDefine, sizeof(azDefine[0])*nDefine);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:1875:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *set[LISTSIZE];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:1969:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*(void(*)(char *))(op[j].arg))(&argv[i][2]);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:2063:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*(void(*)(char *))(op[j].arg))(sv);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:2214:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *alias[MAXRHS]; /* Aliases for each RHS symbol (or NULL) */
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:2596:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zLine[50];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:2623:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, zLine, nLine);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:2638:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zBuf, zNew, nNew);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:2826:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(ps.filename,"rb");
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3054:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(lemp->outname,mode);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3267:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3402:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINESIZE];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3427:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3440:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(user_templatename,"rb");
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3469:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(tpltname,"rb");
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3583:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char empty[1] = { 0 };
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3588:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zInt[40];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3638:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char used[MAXRHS]; /* True for each RHS element which is used */
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3639:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zLhs[50]; /* Convert the LHS symbol into this string */
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3640:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zOvwrt[900]; /* Comment that to allow LHS to overwrite RHS */
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3646:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char newlinestr[2] = { '\n', '\0' };
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3698:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(zLhs, "yymsp[%d].minor.yy%d",1-rp->nrhs,rp->lhs->dtnum);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:3701:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(zLhs, "yylhsminor.yy%d",rp->lhs->dtnum);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:4077:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINESIZE];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:4589:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINESIZE];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:4590:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[LINESIZE];
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lempar.c:465:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char yycoverage[YYNSTATE][YYNTOKEN];
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1145:118: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); GeoJsonget_extra(yyscanner)->GeoJsonLval.ival = atoi(yytext+6); return GEOJSON_SHORT_SRID; }
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1149:118: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); GeoJsonget_extra(yyscanner)->GeoJsonLval.ival = atoi(yytext+22); return GEOJSON_LONG_SRID; }
data/spatialite-5.0.0/src/gaiageo/vanuatuWkt.c:1176:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char yycoverage[YYNSTATE][YYNTOKEN];
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:293:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ok = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:348:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
not_null = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:349:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pk_idx = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:961:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 4]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:962:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spatial_index = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:966:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int gtype = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1052:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1053:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spatial_index = atoi (results[(i * columns) + 4]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1142:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1143:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
has_z = atoi (results[(i * columns) + 4]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1144:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
has_m = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1217:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
result = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1237:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
result = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1268:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
result = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1294:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
result = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:1346:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
result = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/geopackage/gpkgAddGeometryColumn.c:133:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((const char *) sqlite3_value_text (argv[2]),
data/spatialite-5.0.0/src/geopackage/gpkgAddGeometryColumn.c:137:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const unsigned char *) SUPPORTED_GEOMETRY_TYPES[i];
data/spatialite-5.0.0/src/geopackage/gpkgBinary.c:110:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr + GEOPACKAGE_HEADER_LEN +
data/spatialite-5.0.0/src/geopackage/gpkgBinary.c:137:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/geopackage/gpkgBinary.c:480:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
expected = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/geopackage/gpkgBinary.c:481:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
actual = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c:86:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/geopackage/gpkg_add_geometry_triggers.c:133:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/geopackage/gpkg_add_geometry_triggers.c:134:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/geopackage/gpkg_add_spatial_index.c:140:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/geopackage/gpkg_add_spatial_index.c:141:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/headers/spatialite/gaiaexif.h:136:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char TagOffset[4];
data/spatialite-5.0.0/src/headers/spatialite/geojson.h:298:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cast_type[64];
data/spatialite-5.0.0/src/headers/spatialite/geojson.h:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cast_dims[64];
data/spatialite-5.0.0/src/headers/spatialite/geojson.h:357:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[GEOJSON_MAX];
data/spatialite-5.0.0/src/headers/spatialite/geojson.h:361:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[GEOJSON_MAX];
data/spatialite-5.0.0/src/headers/spatialite/geojson.h:365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numvalue[GEOJSON_MAX];
data/spatialite-5.0.0/src/headers/spatialite_private.h:115:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char gaiaBlob[64];
data/spatialite-5.0.0/src/md5/gaia_md5.c:76:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char result[32];
data/spatialite-5.0.0/src/md5/gaia_md5.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex_byte[8];
data/spatialite-5.0.0/src/md5/gaia_md5.c:101:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char result[32];
data/spatialite-5.0.0/src/md5/gaia_md5.c:112:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hex_byte, "%02x", result[i]);
data/spatialite-5.0.0/src/md5/md5.c:235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&ctx->buffer[used], data, size);
data/spatialite-5.0.0/src/md5/md5.c:239:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&ctx->buffer[used], data, free);
data/spatialite-5.0.0/src/md5/md5.c:251:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ctx->buffer, data, size);
data/spatialite-5.0.0/src/md5/md5.h:56:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[64];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:329:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (value->txt_blob_value, p, size);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:723:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *alt_pk[10] =
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:874:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[512];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1817:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *alt_pk[10] =
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1889:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[512];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2582:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suffix[6];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2583:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2660:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2768:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3004:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3007:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *options[4];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3020:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%d", srid);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3033:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (prj_path, "wb");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3087:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3110:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3204:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (sql, "wb");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3276:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
length = atoi (type + 8);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3278:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
length = atoi (type + 5);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3447:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*db_prefix, tn, l_db);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4555:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5063:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (err_msg, "Exported %d rows into SHAPEFILE", rows);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5425:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (err_msg, "Exported %d rows into the DBF file\n", rows);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5492:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (err_msg,
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5565:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (kml_path, "wb");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5701:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (outfile_path, "wb");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5826:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*srid = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5827:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gtype = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6102:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (outfile_path, "wb");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6335:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen (path, "rb");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6589:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (wkt, mem_shape->prj.buf, mem_shape->prj.size);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6871:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pk = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7126:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pk = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7251:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi (results[(i * columns) + 0]))
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7382:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*srid = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7389:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*srid = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7393:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (type, "POINT");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7396:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (type, "LINESTRING");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7399:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (type, "POLYGON");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7401:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (type, "GEOMETRY");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7480:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) != 0)
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7763:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[128];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dims[64];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7897:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 3]) != 0)
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7929:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char multi_type[128];
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7931:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (multi_type, "MULTIPOINT");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7933:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (multi_type, "MULTILINESTRING");
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7935:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (multi_type, "MULTIPOLYGON");
data/spatialite-5.0.0/src/shapefiles/validator.c:152:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spatial_type = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/shapefiles/validator.c:284:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*srid = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/shapefiles/validator.c:288:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*gtype = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/shapefiles/validator.c:289:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*srid = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/shapefiles/validator.c:1070:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spatial_type = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/shapefiles/validator.c:1692:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[256];
data/spatialite-5.0.0/src/shapefiles/validator.c:1696:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char summary[1024];
data/spatialite-5.0.0/src/shapefiles/validator.c:1960:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (report_path, "wb");
data/spatialite-5.0.0/src/shapefiles/validator.c:2481:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (report, "wb");
data/spatialite-5.0.0/src/shapefiles/validator.c:2916:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[256];
data/spatialite-5.0.0/src/shapefiles/validator.c:3110:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (report_path, "wb");
data/spatialite-5.0.0/src/shapefiles/validator.c:3474:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (report, "wb");
data/spatialite-5.0.0/src/spatialite/create_routing.c:1481:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[64];
data/spatialite-5.0.0/src/spatialite/create_routing.c:2256:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (out, auxbuf, size);
data/spatialite-5.0.0/src/spatialite/dbobj_scopes.c:99:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/spatialite/dbobj_scopes.c:2115:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/spatialite/extra_tables.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/extra_tables.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(splite_metacatalog)");
data/spatialite-5.0.0/src/spatialite/extra_tables.c:115:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(splite_metacatalog_statistics)");
data/spatialite-5.0.0/src/spatialite/extra_tables.c:4294:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *tables[15];
data/spatialite-5.0.0/src/spatialite/extra_tables.c:4902:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *tables[4];
data/spatialite-5.0.0/src/spatialite/mbrcache.c:1254:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:1399:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:1436:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/spatialite/metatables.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/metatables.c:118:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(spatialite_history)");
data/spatialite-5.0.0/src/spatialite/metatables.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/metatables.c:169:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:170:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "spatialite_history (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:171:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "event_id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:172:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:173:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_column TEXT,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:174:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "event TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:175:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "timestamp TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:176:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ver_sqlite TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:177:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ver_splite TEXT NOT NULL)");
data/spatialite-5.0.0/src/spatialite/metatables.c:193:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[2048];
data/spatialite-5.0.0/src/spatialite/metatables.c:200:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO spatialite_history ");
data/spatialite-5.0.0/src/spatialite/metatables.c:201:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(event_id, table_name, geometry_column, event, timestamp, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:202:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ver_sqlite, ver_splite) VALUES (NULL, ?, ?, ?, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:203:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "strftime('%Y-%m-%dT%H:%M:%fZ', 'now'), ");
data/spatialite-5.0.0/src/spatialite/metatables.c:204:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "sqlite_version(), spatialite_version())");
data/spatialite-5.0.0/src/spatialite/metatables.c:232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:243:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:244:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:245:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:246:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:247:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:248:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:249:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:250:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "read_only INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:251:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_geom_cols_views PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:252:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:253:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_views_geom_cols FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:254:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:255:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "REFERENCES geometry_columns ");
data/spatialite-5.0.0/src/spatialite/metatables.c:256:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:257:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:258:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT ck_vw_rdonly CHECK (read_only IN ");
data/spatialite-5.0.0/src/spatialite/metatables.c:259:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(0,1)))");
data/spatialite-5.0.0/src/spatialite/metatables.c:268:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE INDEX IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:269:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "idx_viewsjoin ON views_geometry_columns\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:270:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column)");
data/spatialite-5.0.0/src/spatialite/metatables.c:279:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_view_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:280:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:281:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:282:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:284:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:285:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:286:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:288:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:289:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:290:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:292:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:293:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:294:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:302:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_view_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:303:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE UPDATE OF 'view_name' ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:304:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:305:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:307:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:308:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:309:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:311:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:312:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:313:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:315:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:316:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:317:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:325:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_view_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:326:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:327:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:328:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:330:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:331:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:332:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:334:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:335:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:336:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:338:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:339:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:340:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:348:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_view_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:349:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:351:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:352:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:354:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:355:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:356:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:358:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:359:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:360:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:362:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:363:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:364:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:372:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_view_rowid_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:373:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE UPDATE OF 'view_rowid' ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:374:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:375:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:377:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:378:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:379:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:381:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:382:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_rowid LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:383:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:385:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:386:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_rowid <> lower(NEW.view_rowid);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:387:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:395:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_view_rowid_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:396:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:397:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:398:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:400:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:401:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_rowid LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:402:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:404:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:405:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_rowid LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:406:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:408:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_rowid value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:409:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_rowid <> lower(NEW.view_rowid);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:410:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:418:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_f_table_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:419:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:420:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:421:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:423:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:424:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:425:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:427:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:428:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:429:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:431:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:432:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:433:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:441:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgc_f_table_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:442:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:444:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:445:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:447:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:448:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:449:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:451:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:452:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:453:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:455:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:456:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:457:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:465:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:467:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:468:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:469:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:471:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:472:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:473:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:475:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:476:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:477:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:479:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:480:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:482:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:490:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:492:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:494:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:495:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:497:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:498:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:499:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:501:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:502:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:503:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:505:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:506:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:508:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:522:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:533:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:534:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:535:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:536:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:537:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_type INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:538:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:539:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:540:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_geom_cols_virts PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:541:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:542:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vgc_srid FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:543:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(srid) REFERENCES spatial_ref_sys (srid))");
data/spatialite-5.0.0/src/spatialite/metatables.c:552:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE INDEX IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:553:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "idx_virtssrid ON virts_geometry_columns\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:554:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(srid)");
data/spatialite-5.0.0/src/spatialite/metatables.c:563:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_virt_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:564:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:565:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:566:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:568:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:569:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:570:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:572:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:573:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:574:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:576:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:577:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:578:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:586:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_virt_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:587:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE UPDATE OF 'virt_name' ON 'virts_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:588:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:589:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:591:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:592:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:593:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:595:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:596:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:597:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:599:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:600:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:601:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:609:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_virt_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:610:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:611:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:612:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:614:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:615:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:616:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:618:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:619:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:620:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:622:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:623:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:624:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:632:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_virt_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:633:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:635:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:636:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:638:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:639:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:640:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:642:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:643:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:644:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:646:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:647:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:648:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:656:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_geometry_type_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:657:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:658:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:659:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT RAISE(ABORT,'geometry_type must be one of ");
data/spatialite-5.0.0/src/spatialite/metatables.c:660:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:661:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:662:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:663:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:664:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.geometry_type IN (0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:665:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:666:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:667:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:668:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:676:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_geometry_type_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:677:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:679:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:680:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT RAISE(ABORT,'geometry_type must be one of ");
data/spatialite-5.0.0/src/spatialite/metatables.c:681:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:682:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:683:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:684:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:685:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.geometry_type IN (0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:686:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:687:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:688:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:689:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:697:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_coord_dimension_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:698:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:699:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:700:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:702:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.coord_dimension IN (2,3,4));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:703:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:711:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgc_coord_dimension_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:712:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:714:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:715:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:717:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.coord_dimension IN (2,3,4));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:718:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:732:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:743:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:744:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:745:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:746:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:747:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "last_verified TIMESTAMP,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:748:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:749:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:750:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:751:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:752:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:753:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_gc_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:754:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:755:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_gc_statistics FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:756:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:757:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns (f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:758:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:767:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcs_f_table_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:768:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_statistics'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:769:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:770:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:772:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:773:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:774:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:776:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:777:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:778:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:780:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:781:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:782:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:790:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcs_f_table_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:791:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:793:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:794:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:796:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:797:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:798:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:800:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:801:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:802:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:804:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:805:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:806:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:814:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcs_f_geometry_column_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:815:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_statistics'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:816:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:817:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:819:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:820:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:821:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:823:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:824:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:825:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:827:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:828:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:830:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:838:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcs_f_geometry_column_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:839:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:841:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:842:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:844:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:845:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:846:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:848:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:849:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:850:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:852:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:853:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:855:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:869:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:880:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:881:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:882:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:883:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:884:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "last_verified TIMESTAMP,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:885:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:886:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:887:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:888:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:889:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:890:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_vwgc_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:891:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:892:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vwgc_statistics FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:893:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:894:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns (view_name, view_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:895:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:904:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcs_view_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:905:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns_statistics'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:906:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:907:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:909:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:910:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:911:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:913:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:914:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:915:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:917:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:918:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:919:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:927:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcs_view_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:928:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:930:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:931:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:933:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:934:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:935:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:937:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:938:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:939:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:941:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:942:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:943:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:951:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcs_view_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:952:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns_statistics'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:953:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:954:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:956:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:957:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:958:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:960:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:961:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:962:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:964:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:965:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:966:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:974:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcs_view_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:975:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:977:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:978:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:980:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:981:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:982:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:984:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:985:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:986:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:988:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:989:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:990:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1004:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1015:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1016:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1017:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1018:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1019:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "last_verified TIMESTAMP,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1020:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1021:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1022:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1023:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1024:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1025:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_vrtgc_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1026:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1027:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vrtgc_statistics FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1028:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1029:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns (virt_name, virt_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1030:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:1039:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcs_virt_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1040:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns_statistics'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1041:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1042:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1044:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1045:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1046:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1048:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1049:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1050:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1052:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1053:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1054:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1062:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcs_virt_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1063:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1065:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1066:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1068:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1069:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1070:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1072:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1073:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1074:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1076:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1077:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1078:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1086:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcs_virt_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1087:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns_statistics'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1088:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1089:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1091:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1092:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1093:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1095:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1096:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1097:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1099:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1100:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1101:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcs_virt_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1110:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1112:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1113:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1115:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1116:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1117:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1119:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1120:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1121:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1123:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1124:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1125:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1150:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1151:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns_field_infos (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1152:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1153:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1154:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ordinal INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1155:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1156:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "null_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1157:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1158:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1159:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "text_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1160:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "blob_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1161:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "max_size INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1162:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1163:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_max INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1164:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_min DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1165:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_max DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1166:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_gcfld_infos PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1167:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column, ordinal, column_name),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1168:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_gcfld_infos FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1169:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1170:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns (f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1171:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:1180:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcfi_f_table_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1181:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_field_infos'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1182:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1183:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1185:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1186:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1187:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1189:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1190:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1191:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1193:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1194:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1195:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1203:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcfi_f_table_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1204:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1206:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1207:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1209:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1210:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1211:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1213:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1214:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1215:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1217:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1218:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1219:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1227:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1229:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_field_infos'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1230:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1231:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1233:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1234:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1235:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1237:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1238:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1239:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1241:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1242:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1244:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1252:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1254:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1256:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1257:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1259:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1260:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1261:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1263:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1264:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1265:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1267:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1268:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1270:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1295:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1296:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns_field_infos (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1297:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1298:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1299:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ordinal INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1300:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1301:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "null_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1302:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1303:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1304:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "text_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1305:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "blob_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1306:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "max_size INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1307:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1308:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_max INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1309:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_min DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1310:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_max DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1311:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_vwgcfld_infos PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1312:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry, ordinal, column_name),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1313:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vwgcfld_infos FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1314:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1315:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns (view_name, view_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1316:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:1325:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcfi_view_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1326:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns_field_infos'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1327:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1328:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1330:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1331:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1332:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1334:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1335:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1336:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1338:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1339:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1340:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1348:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcfi_view_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1349:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1351:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1352:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1354:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1355:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1356:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1358:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1359:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1360:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1362:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1363:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1364:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1372:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcfi_view_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1373:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns_field_infos'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1374:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1375:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1377:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1378:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1379:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1381:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1382:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1383:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1385:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1386:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1387:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1395:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcfi_view_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1396:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1398:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1399:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1401:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1402:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1403:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1405:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1406:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1407:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1409:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1410:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1411:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1425:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1436:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1437:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns_field_infos (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1438:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1439:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1440:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ordinal INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1441:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1442:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "null_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1443:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1444:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1445:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "text_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1446:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "blob_values INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1447:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "max_size INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1448:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1449:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_max INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1450:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_min DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1451:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_max DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1452:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_vrtgcfld_infos PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1453:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry, ordinal, column_name),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1454:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vrtgcfld_infos FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1455:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1456:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns (virt_name, virt_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1457:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:1466:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcfi_virt_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1467:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns_field_infos'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1468:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1469:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1471:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1472:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1473:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1475:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1476:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1477:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1479:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1480:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1481:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1489:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcfi_virt_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1490:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1492:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1493:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1495:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1496:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1497:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1499:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1500:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1501:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1503:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1504:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1505:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1513:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcfi_virt_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1514:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns_field_infos'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1515:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1516:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1518:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1519:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1520:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1522:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1523:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1524:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1526:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1527:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1528:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1536:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcfi_virt_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1537:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1539:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1540:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1542:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1543:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1544:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1546:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1547:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1548:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1550:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1551:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1552:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1566:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1577:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1578:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns_time (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1579:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1580:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1581:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1583:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1585:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1587:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_gc_time PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1588:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1589:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_gc_time FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1590:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1591:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "REFERENCES geometry_columns ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1592:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1593:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:1602:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gctm_f_table_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1603:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_time'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1604:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1605:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1607:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1608:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1609:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1611:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1612:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1613:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1615:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1616:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1617:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1625:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gctm_f_table_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1626:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1628:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1629:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1631:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1632:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1633:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1635:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1636:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1637:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1639:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1640:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1641:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1649:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1651:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_time'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1652:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1653:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1655:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1656:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1657:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1659:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1660:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1661:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1663:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1664:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1666:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1674:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1676:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1678:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1679:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1681:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1682:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1683:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1685:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1686:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1687:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1689:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1690:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1692:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1717:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1718:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns_auth (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1719:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1720:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1721:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "read_only INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1722:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "hidden INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1723:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_gc_auth PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1724:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1725:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_gc_auth FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1726:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1727:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "REFERENCES geometry_columns ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1728:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1729:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1730:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT ck_gc_ronly CHECK (read_only IN ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1731:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(0,1)),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1732:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT ck_gc_hidden CHECK (hidden IN ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1733:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(0,1)))");
data/spatialite-5.0.0/src/spatialite/metatables.c:1742:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcau_f_table_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1743:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_auth'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1744:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1745:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1747:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1748:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1749:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1751:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1752:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1753:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1755:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1756:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1757:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1765:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS gcau_f_table_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1766:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1768:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1769:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1771:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1772:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1773:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1775:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1776:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1777:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1779:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1780:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1781:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1789:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1791:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns_auth'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1792:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1793:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1795:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1796:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1797:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1799:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1800:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1801:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1803:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1804:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1806:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1814:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1816:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1818:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1819:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1821:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1822:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1823:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1825:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1826:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1827:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1829:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1830:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1832:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1846:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1857:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1858:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns_auth (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1859:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1860:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1861:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "hidden INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1862:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_vwgc_auth PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1863:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1864:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vwgc_auth FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1865:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1866:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "REFERENCES views_geometry_columns ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1867:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1868:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1869:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT ck_vwgc_hidden CHECK (hidden IN ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1870:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(0,1)))");
data/spatialite-5.0.0/src/spatialite/metatables.c:1879:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcau_view_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1880:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns_auth'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1881:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1882:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1884:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1885:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1886:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1888:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1889:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1890:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1892:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1893:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1894:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1902:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcau_view_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1903:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1905:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1906:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1908:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1909:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1910:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1912:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1913:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1914:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1916:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1917:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_name <> lower(NEW.view_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1918:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1926:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcau_view_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1927:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'views_geometry_columns_auth'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1928:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1929:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1931:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1932:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1933:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1935:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1936:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1937:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1939:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1940:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1941:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1949:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vwgcau_view_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1950:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1952:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1953:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1955:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1956:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1957:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1959:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1960:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1961:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:1963:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1964:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.view_geometry <> lower(NEW.view_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1965:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:1979:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:1990:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1991:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns_auth (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1992:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1993:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1994:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "hidden INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1995:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_vrtgc_auth PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1996:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:1997:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_vrtgc_auth FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1998:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:1999:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "REFERENCES virts_geometry_columns ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2000:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2001:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2002:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT ck_vrtgc_hidden CHECK (hidden IN ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2003:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(0,1)))");
data/spatialite-5.0.0/src/spatialite/metatables.c:2012:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcau_virt_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2013:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns_auth'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2014:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2015:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2017:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2018:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2019:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2021:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2022:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2023:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2025:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2026:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2027:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2035:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcau_virt_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2036:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2038:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2039:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2041:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2042:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2043:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2045:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2046:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2047:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2049:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2050:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_name <> lower(NEW.virt_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2051:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2059:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcau_virt_geometry_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2060:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'virts_geometry_columns_auth'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2061:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2062:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2064:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2065:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2066:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2068:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2069:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2070:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2072:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2073:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2074:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2082:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER IF NOT EXISTS vtgcau_virt_geometry_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2083:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2085:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2086:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2088:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2089:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2090:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2092:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2093:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2094:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2096:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2097:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.virt_geometry <> lower(NEW.virt_geometry);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2098:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:2123:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIEW IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2124:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "vector_layers AS\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2125:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialTable' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2126:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2127:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2128:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_type AS geometry_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2129:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension AS coord_dimension, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2130:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid AS srid, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2131:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "spatial_index_enabled AS spatial_index_enabled\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2132:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM geometry_columns\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2133:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2134:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialView' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2135:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "a.view_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2136:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "a.view_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2137:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "b.geometry_type AS geometry_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2138:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "b.coord_dimension AS coord_dimension, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2139:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "b.srid AS srid, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2140:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "b.spatial_index_enabled AS spatial_index_enabled\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2141:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM views_geometry_columns AS a\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2142:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "LEFT JOIN geometry_columns AS b ON (");
data/spatialite-5.0.0/src/spatialite/metatables.c:2143:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "Upper(a.f_table_name) = Upper(b.f_table_name) AND ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2144:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "Upper(a.f_geometry_column) = Upper(b.f_geometry_column))\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2145:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2146:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'VirtualShape' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2147:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2148:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2149:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_type AS geometry_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2150:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension AS coord_dimension, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2151:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid AS srid, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2152:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "0 AS spatial_index_enabled\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2153:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM virts_geometry_columns");
data/spatialite-5.0.0/src/spatialite/metatables.c:2162:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIEW IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2163:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "vector_layers_auth AS\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2164:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialTable' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2165:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2166:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2167:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "read_only AS read_only, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2168:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "hidden AS hidden\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2169:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM geometry_columns_auth\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2170:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2171:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialView' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2172:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "a.view_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2173:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "a.view_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2174:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "b.read_only AS read_only, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2175:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "a.hidden AS hidden\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2176:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM views_geometry_columns_auth AS a\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2177:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "JOIN views_geometry_columns AS b ON (");
data/spatialite-5.0.0/src/spatialite/metatables.c:2178:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "Upper(a.view_name) = Upper(b.view_name) AND ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2179:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "Upper(a.view_geometry) = Upper(b.view_geometry))\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2180:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2181:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'VirtualShape' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2182:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2183:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2184:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1 AS read_only, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2185:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "hidden AS hidden\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2186:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM virts_geometry_columns_auth");
data/spatialite-5.0.0/src/spatialite/metatables.c:2195:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIEW IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2196:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "vector_layers_statistics AS\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2197:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialTable' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2198:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2199:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2200:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "last_verified AS last_verified, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2201:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count AS row_count, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2202:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x AS extent_min_x, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2203:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y AS extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2204:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x AS extent_max_x, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2205:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y AS extent_max_y\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2206:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM geometry_columns_statistics\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2207:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2208:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialView' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2209:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2210:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2211:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "last_verified AS last_verified, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2212:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count AS row_count, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2213:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x AS extent_min_x, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2214:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y AS extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2215:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x AS extent_max_x, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2216:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y AS extent_max_y\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2217:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM views_geometry_columns_statistics\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2218:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2219:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'VirtualShape' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2220:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2221:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2222:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "last_verified AS last_verified, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2223:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count AS row_count, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2224:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x AS extent_min_x, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2225:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y AS extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2226:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x AS extent_max_x, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2227:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y AS extent_max_y\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2228:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM virts_geometry_columns_statistics");
data/spatialite-5.0.0/src/spatialite/metatables.c:2237:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIEW IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2238:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "vector_layers_field_infos AS\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2239:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialTable' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2240:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2241:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2242:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ordinal AS ordinal, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2243:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name AS column_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2244:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "null_values AS null_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2245:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_values AS integer_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2246:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values AS double_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2247:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "text_values AS text_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2248:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "blob_values AS blob_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2249:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "max_size AS max_size, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2250:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min AS integer_min, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2251:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_max AS integer_max, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2252:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_min AS double_min, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2253:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_max double_max\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2254:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM geometry_columns_field_infos\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2255:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2256:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'SpatialView' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2257:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2258:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2259:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ordinal AS ordinal, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2260:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name AS column_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2261:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "null_values AS null_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2262:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_values AS integer_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2263:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values AS double_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2264:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "text_values AS text_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2265:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "blob_values AS blob_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2266:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "max_size AS max_size, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2267:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min AS integer_min, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2268:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_max AS integer_max, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2269:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_min AS double_min, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2270:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_max double_max\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2271:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM views_geometry_columns_field_infos\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2272:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "UNION\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2273:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT 'VirtualShape' AS layer_type, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2274:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name AS table_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2275:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry AS geometry_column, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2276:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ordinal AS ordinal, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2277:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name AS column_name, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2278:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "null_values AS null_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2279:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_values AS integer_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2280:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values AS double_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2281:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "text_values AS text_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2282:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "blob_values AS blob_values, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2283:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "max_size AS max_size, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2284:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min AS integer_min, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2285:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_max AS integer_max, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2286:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_min AS double_min, ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2287:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_max double_max\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2288:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM virts_geometry_columns_field_infos");
data/spatialite-5.0.0/src/spatialite/metatables.c:2302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:2313:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS data_licenses (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2314:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "\tid INTEGER PRIMARY KEY AUTOINCREMENT,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2315:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "\tname TEXT NOT NULL UNIQUE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2316:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "\turl TEXT)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2325:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2326:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (0, 'Undefined', NULL)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2335:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2336:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (1, 'Proprietary - Non Free', NULL)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2345:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2346:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (2, 'PD - Public Domain', NULL)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2355:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2356:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2366:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2367:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2377:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2378:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2388:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2389:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2399:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2400:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2410:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2411:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2421:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR IGNORE INTO data_licenses (id, name, url) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2422:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/metatables.c:2514:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (name) != 0)
data/spatialite-5.0.0/src/spatialite/metatables.c:2524:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE layer_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2525:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "raster_layer INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2526:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2527:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2528:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2529:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2530:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2531:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2532:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2533:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_layer_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2534:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(raster_layer, table_name, geometry_column),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2535:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_layer_statistics FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2536:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(table_name, geometry_column) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2537:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_columns (f_table_name, f_geometry_column) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2538:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2543:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE layer_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2544:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "raster_layer INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2545:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2546:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2547:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2548:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2549:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2550:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2551:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2552:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_layer_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2553:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(raster_layer, table_name, geometry_column))");
data/spatialite-5.0.0/src/spatialite/metatables.c:2569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/metatables.c:2625:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE views_layer_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2626:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2627:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "view_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2628:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2629:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2630:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2631:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2632:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2633:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_views_layer_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2634:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2635:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_views_layer_statistics FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2636:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2637:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "views_geometry_columns (view_name, view_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2638:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2653:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/metatables.c:2709:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE virts_layer_statistics (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2710:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2711:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virt_geometry TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2712:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2713:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2714:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_min_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2715:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2716:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_y DOUBLE,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2717:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_virts_layer_statistics PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2718:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2719:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_virts_layer_statistics FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2720:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry) REFERENCES ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2721:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "virts_geometry_columns (virt_name, virt_geometry) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2722:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON DELETE CASCADE)");
data/spatialite-5.0.0/src/spatialite/metatables.c:2732:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:2736:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2737:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "sql_statements_log (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2738:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "id INTEGER PRIMARY KEY AUTOINCREMENT,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2739:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2741:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2743:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "user_agent TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2744:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "sql_statement TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2745:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "success INTEGER NOT NULL DEFAULT 0,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2746:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "error_cause TEXT NOT NULL DEFAULT 'ABORTED',\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2747:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT sqllog_success CHECK ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2748:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(success IN (0,1)))");
data/spatialite-5.0.0/src/spatialite/metatables.c:2802:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4186];
data/spatialite-5.0.0/src/spatialite/metatables.c:2806:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE geometry_columns (\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2807:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2808:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2809:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_type INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2810:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2811:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2812:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "spatial_index_enabled INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2813:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT pk_geom_cols PRIMARY KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2814:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2815:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT fk_gc_srs FOREIGN KEY ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2816:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(srid) REFERENCES spatial_ref_sys (srid),\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2817:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "CONSTRAINT ck_gc_rtree CHECK ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2818:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(spatial_index_enabled IN (0,1,2)))");
data/spatialite-5.0.0/src/spatialite/metatables.c:2829:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE INDEX idx_srid_geocols ON geometry_columns\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2830:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(srid) ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2839:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_f_table_name_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2840:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2841:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2842:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2844:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2845:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2846:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2848:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2849:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2850:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2852:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2853:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2854:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2864:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_f_table_name_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2865:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE UPDATE OF 'f_table_name' ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2866:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2867:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2869:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2870:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2871:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2873:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2874:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2875:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2877:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2878:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_table_name <> lower(NEW.f_table_name);\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2879:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2889:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_f_geometry_column_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2890:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2891:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2892:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2894:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2895:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2896:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2898:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2899:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2900:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2902:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2903:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2905:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2915:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_f_geometry_column_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2916:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2918:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2919:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2921:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a single quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2922:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%''%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2923:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2925:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must not contain a double quote')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2926:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NEW.f_geometry_column LIKE ('%\"%');\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2927:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2929:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column value must be lower case')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2930:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2932:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2942:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_geometry_type_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2943:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2944:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2945:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT RAISE(ABORT,'geometry_type must be one of ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2946:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2947:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2948:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2949:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2950:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.geometry_type IN (0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2951:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2952:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2953:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2954:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2964:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_geometry_type_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2965:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE UPDATE OF 'geometry_type' ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2966:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2967:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT RAISE(ABORT,'geometry_type must be one of ");
data/spatialite-5.0.0/src/spatialite/metatables.c:2968:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2969:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2970:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2971:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007')\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2972:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.geometry_type IN (0,1,2,3,4,5,6,7,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2973:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "1000,1001,1002,1003,1004,1005,1006,1007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2974:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "2000,2001,2002,2003,2004,2005,2006,2007,");
data/spatialite-5.0.0/src/spatialite/metatables.c:2975:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "3000,3001,3002,3003,3004,3005,3006,3007));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2976:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:2986:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_coord_dimension_insert\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2987:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE INSERT ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2988:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2989:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:2991:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.coord_dimension IN (2,3,4));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:2992:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:3002:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TRIGGER geometry_columns_coord_dimension_update\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:3003:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BEFORE UPDATE OF 'coord_dimension' ON 'geometry_columns'\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:3004:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FOR EACH ROW BEGIN\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:3005:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/spatialite/metatables.c:3007:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE NOT(NEW.coord_dimension IN (2,3,4));\n");
data/spatialite-5.0.0/src/spatialite/metatables.c:3008:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "END");
data/spatialite-5.0.0/src/spatialite/metatables.c:5167:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (pk) != 0)
data/spatialite-5.0.0/src/spatialite/metatables.c:5169:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (strcasecmp (name, "rowid") == 0 && atoi (pk) != 0)
data/spatialite-5.0.0/src/spatialite/metatables.c:5233:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (pk) != 0)
data/spatialite-5.0.0/src/spatialite/metatables.c:5235:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (strcasecmp (name, "rowid") == 0 && atoi (pk) != 0)
data/spatialite-5.0.0/src/spatialite/spatialite.c:271:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&p->z[p->nUsed], p->zSep, p->szSep);
data/spatialite-5.0.0/src/spatialite/spatialite.c:274:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&p->z[p->nUsed], z, sz);
data/spatialite-5.0.0/src/spatialite/spatialite.c:297:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zSql = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:302:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
x.zSep = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:427:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rnd[16];
data/spatialite-5.0.0/src/spatialite/spatialite.c:428:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char random[40];
data/spatialite-5.0.0/src/spatialite/spatialite.c:436:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p, "%02x", rnd[i]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1011:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
type = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1175:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkv[64];
data/spatialite-5.0.0/src/spatialite/spatialite.c:1448:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rtree_table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1471:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1543:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkv[64];
data/spatialite-5.0.0/src/spatialite/spatialite.c:1550:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1557:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rtree_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1580:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1884:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1935:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results2[(j * columns2) + 0]) == 0)
data/spatialite-5.0.0/src/spatialite/spatialite.c:1999:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results2[(j * columns2) + 0]) == 0)
data/spatialite-5.0.0/src/spatialite/spatialite.c:2052:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:2089:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:2145:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(gpkg_spatial_ref_sys)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:2271:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(spatial_ref_sys)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2391:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2508:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2599:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2624:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/spatialite.c:2636:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmode = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2671:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmode = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2689:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE spatial_ref_sys (\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2690:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid INTEGER NOT NULL PRIMARY KEY,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2691:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "auth_name TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2692:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "auth_srid INTEGER NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2693:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ref_sys_name TEXT NOT NULL DEFAULT 'Unknown',\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2694:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "proj4text TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2695:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srtext TEXT NOT NULL DEFAULT 'Undefined')");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2699:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE UNIQUE INDEX idx_spatial_ref_sys \n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2700:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "ON spatial_ref_sys (auth_srid, auth_name)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2712:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIEW geom_cols_ref_sys AS\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2713:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT f_table_name, f_geometry_column, geometry_type,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2714:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension, spatial_ref_sys.srid AS srid,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2715:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "auth_name, auth_srid, ref_sys_name, proj4text, srtext\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2716:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM geometry_columns, spatial_ref_sys\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2717:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE geometry_columns.srid = spatial_ref_sys.srid");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2735:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIRTUAL TABLE SpatialIndex ");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2736:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "USING VirtualSpatialIndex()");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2741:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIRTUAL TABLE ElementaryGeometries ");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2742:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "USING VirtualElementary()");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2749:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIRTUAL TABLE KNN ");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2750:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "USING VirtualKNN()");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2796:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/spatialite.c:2822:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIEW IF NOT EXISTS geom_cols_ref_sys AS\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2823:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT f_table_name, f_geometry_column, geometry_type,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2824:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension, spatial_ref_sys.srid AS srid,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2825:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "auth_name, auth_srid, ref_sys_name, proj4text, srtext\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2826:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "FROM geometry_columns, spatial_ref_sys\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2827:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE geometry_columns.srid = spatial_ref_sys.srid");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2836:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIRTUAL TABLE IF NOT EXISTS SpatialIndex ");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2837:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "USING VirtualSpatialIndex()");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2842:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIRTUAL TABLE IF NOT EXISTS ElementaryGeometries ");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2843:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "USING VirtualElementary()");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2850:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE VIRTUAL TABLE IF NOT EXISTS KNN ");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2851:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "USING VirtualKNN()");
data/spatialite-5.0.0/src/spatialite/spatialite.c:2905:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) == 1)
data/spatialite-5.0.0/src/spatialite/spatialite.c:2954:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmode = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2983:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmode = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3124:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3133:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3142:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3242:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[4]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3245:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[5]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3248:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[6]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3251:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[7]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3254:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[8]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3257:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[9]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3260:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[10]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3263:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[11]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3266:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[12]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3269:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[13]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3343:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3352:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3361:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3462:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[4]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3465:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[5]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3468:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[6]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3471:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[7]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3474:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[8]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3477:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[9]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3480:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[10]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3483:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[11]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3486:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[12]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3489:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[13]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:3562:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3646:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3763:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:4344:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4352:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4601:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:4925:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:4927:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "read_only, hidden) VALUES (Lower(?), Lower(?), 0, 0)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:4953:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:4955:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (Lower(?), Lower(?))");
data/spatialite-5.0.0/src/spatialite/spatialite.c:4981:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:4983:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (Lower(?), Lower(?))");
data/spatialite-5.0.0/src/spatialite/spatialite.c:5110:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5118:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5126:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5679:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:5698:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5706:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5953:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:6213:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "', '");
data/spatialite-5.0.0/src/spatialite/spatialite.c:6419:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:6421:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "read_only, hidden) VALUES (Lower(?), Lower(?), 0, 0)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:6446:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:6448:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (Lower(?), Lower(?))");
data/spatialite-5.0.0/src/spatialite/spatialite.c:6473:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:6475:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (Lower(?), Lower(?))");
data/spatialite-5.0.0/src/spatialite/spatialite.c:6831:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gtype[64];
data/spatialite-5.0.0/src/spatialite/spatialite.c:6910:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:7128:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "Virtual Geometry successfully registered");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:7206:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE spatial_ref_sys (\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7207:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid INTEGER PRIMARY KEY,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7208:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "auth_name TEXT,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7209:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "auth_srid INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7210:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srtext TEXT)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7215:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE geometry_columns (\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7216:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name TEXT,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7217:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_geometry_column TEXT,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7218:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_type INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7219:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "coord_dimension INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7220:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "srid INTEGER,\n");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7221:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "geometry_format TEXT)");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7377:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xformat[64];
data/spatialite-5.0.0/src/spatialite/spatialite.c:7404:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7412:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7444:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
format = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7472:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "WKT");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7474:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "WKB");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7476:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "FGF");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7478:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "SPATIALITE");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7646:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xformat[64];
data/spatialite-5.0.0/src/spatialite/spatialite.c:7667:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7675:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7707:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
format = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7735:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "WKT");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7737:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "WKB");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7739:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "FGF");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7741:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (xformat, "SPATIALITE");
data/spatialite-5.0.0/src/spatialite/spatialite.c:7875:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7881:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7922:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:8155:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "Check SpatialIndex: is valid");
data/spatialite-5.0.0/src/spatialite/spatialite.c:8164:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "Check SpatialIndex: INCONSISTENCIES detected");
data/spatialite-5.0.0/src/spatialite/spatialite.c:8196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:8202:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:8204:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE spatial_index_enabled = 1");
data/spatialite-5.0.0/src/spatialite/spatialite.c:8503:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8518:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8528:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8559:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:8615:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:8622:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SpatialIndex: unable to rebuild the R*Tree");
data/spatialite-5.0.0/src/spatialite/spatialite.c:8628:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SpatialIndex: successfully recovered");
data/spatialite-5.0.0/src/spatialite/spatialite.c:8645:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:8653:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:8655:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "WHERE spatial_index_enabled = 1");
data/spatialite-5.0.0/src/spatialite/spatialite.c:8860:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[128];
data/spatialite-5.0.0/src/spatialite/spatialite.c:8876:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:8925:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[128];
data/spatialite-5.0.0/src/spatialite/spatialite.c:8941:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:9002:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9010:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9018:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9087:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:9099:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9107:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "R*Tree Spatial Index successfully created");
data/spatialite-5.0.0/src/spatialite/spatialite.c:9166:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:9178:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9186:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9207:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "MbrCache successfully created");
data/spatialite-5.0.0/src/spatialite/spatialite.c:9230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:9243:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9251:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9273:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SpatialIndex successfully disabled");
data/spatialite-5.0.0/src/spatialite/spatialite.c:9311:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9319:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9375:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9386:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9506:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9517:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9570:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9581:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9754:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9763:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9764:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9790:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9820:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9821:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9822:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9907:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getcapabilities_url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9908:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getmap_url = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9909:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9920:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
version = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9921:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_sys = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9922:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
image_format = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9923:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style = (const char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9963:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getcapabilities_url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9964:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getmap_url = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9965:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9966:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9967:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9968:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
version = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9969:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_sys = (const char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9970:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
image_format = (const char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9971:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style = (const char *) sqlite3_value_text (argv[8]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9994:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bgcolor = (const char *) sqlite3_value_text (argv[15]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10009:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getfeatureinfo_url = (const char *) sqlite3_value_text (argv[17]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10047:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10048:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10079:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10080:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10081:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10082:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10114:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10115:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10119:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
copyright = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10128:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
license = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10181:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10182:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10188:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bgcolor = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10221:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10305:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10311:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10317:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
key = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10323:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10361:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10367:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10373:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
key = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10379:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10410:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10411:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10412:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
key = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10413:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10449:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10455:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10461:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_sys = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10547:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10553:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10559:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_sys = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10588:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10589:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10590:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_sys = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10623:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getmap_url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10629:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10735:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
getmap_url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10741:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10856:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
license_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10860:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10891:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
license_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10918:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
old_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10919:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
new_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10946:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
license_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10947:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11044:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11053:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11066:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
master_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11075:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11084:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11249:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11315:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11377:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11484:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11583:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[128];
data/spatialite-5.0.0/src/spatialite/spatialite.c:11602:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11635:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
desc = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11671:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11819:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11835:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11841:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11858:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11927:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11947:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11964:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:12018:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:12065:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:12116:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:12193:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[0]),
data/spatialite-5.0.0/src/spatialite/spatialite.c:12214:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:12288:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[0]),
data/spatialite-5.0.0/src/spatialite/spatialite.c:12942:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:13253:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:13275:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:14387:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:14492:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:14497:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15198:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15244:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15297:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15350:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15420:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15504:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15571:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15632:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15692:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15753:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15814:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15875:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15936:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:15997:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16067:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16136:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16195:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16276:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16358:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16448:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16509:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16570:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16627:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16680:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16732:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16779:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16822:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16868:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16913:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16975:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17023:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17198:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17295:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * n_columns) + 0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17320:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17379:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17416:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17456:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17516:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17597:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17687:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17777:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17867:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17949:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18023:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18467:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18598:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18648:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18698:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18748:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:18956:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19001:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19046:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19097:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19148:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19220:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19348:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19433:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19496:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19593:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19660:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19731:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19862:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:19878:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20188:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20211:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20252:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20268:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20311:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20327:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20394:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20524:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20541:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20794:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20869:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20898:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char garsMapping[24] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J',
data/spatialite-5.0.0/src/spatialite/spatialite.c:20957:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_result[8];
data/spatialite-5.0.0/src/spatialite/spatialite.c:21157:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21197:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p_result, "%03i", lon_band);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21223:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&(p_result[5]), "%i", segmentNumber);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21250:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&(p_result[6]), "%i", segmentNumber);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21306:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21538:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21541:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21700:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21798:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21888:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21940:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:21992:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22075:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22139:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22205:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22255:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22429:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22484:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22702:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22765:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22826:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22936:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:22992:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23065:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23161:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23226:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23231:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23317:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23375:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23435:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23536:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23582:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
proj_string_1 = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23603:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
proj_string_2 = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23611:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23787:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23890:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24004:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24030:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auth_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24074:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auth_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24091:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *wkt = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24153:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wkt = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24185:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
basepath = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24193:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen (path, "rb");
data/spatialite-5.0.0/src/spatialite/spatialite.c:24246:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24253:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
basepath = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24429:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24536:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24600:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24660:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24703:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24755:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24810:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24919:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25172:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25327:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25379:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25431:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25483:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25540:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25664:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25789:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25875:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
encoded = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:25950:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26068:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26229:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26297:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26389:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26463:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26525:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26608:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26679:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26684:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26784:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26944:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:26949:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27020:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27025:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27096:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27101:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27172:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27177:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27234:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27238:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27296:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27300:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27358:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27362:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27420:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27424:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27482:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27486:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27544:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27548:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27606:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27610:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27697:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pattern = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27706:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27711:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27780:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
matrix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27787:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pattern = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27846:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27851:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28072:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28077:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28655:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28739:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28805:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28810:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28885:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28890:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28950:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:28955:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29028:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29033:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29096:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29101:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29170:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29174:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29232:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob1 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29236:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob2 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29302:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29378:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29448:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29453:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29533:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29599:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29604:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29711:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29716:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29799:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29804:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29867:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:29927:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30041:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30070:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30202:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30231:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30364:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30393:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30481:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30486:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30742:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:30888:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31000:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31113:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31218:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31287:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31357:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31462:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31467:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31545:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31555:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31622:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31632:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31699:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31709:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31796:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31816:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31920:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32007:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32032:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:32043:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql,
data/spatialite-5.0.0/src/spatialite/spatialite.c:32047:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql, "SELECT auth_name || ':' || auth_srid "
data/spatialite-5.0.0/src/spatialite/spatialite.c:32126:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
refid = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32134:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32197:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32202:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32254:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32259:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32311:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32316:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32366:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32628:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32715:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32805:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32812:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
input_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32821:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
input_geom = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32830:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blade_db_prefix = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32837:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blade_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32846:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blade_geom = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32853:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
output_table = (const char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32941:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32951:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33052:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33062:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33467:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[32];
data/spatialite-5.0.0/src/spatialite/spatialite.c:33481:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format, "%%0%dlld", length);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33495:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[32];
data/spatialite-5.0.0/src/spatialite/spatialite.c:33508:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (format, "%%0%d.18f", length + 19);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33533:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
txt = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33876:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rnd[16];
data/spatialite-5.0.0/src/spatialite/spatialite.c:33877:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64];
data/spatialite-5.0.0/src/spatialite/spatialite.c:33886:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p, "%02x", rnd[i]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34044:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34050:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_col = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34056:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34066:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
fmt = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34147:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34157:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_col = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34164:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34210:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34270:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34276:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34284:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_col = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34313:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34358:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34367:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_charset = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34400:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
encoded = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34409:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_charset = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34440:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34469:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34506:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34535:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34578:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34609:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34640:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34670:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34700:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dirty = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34726:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/spatialite/spatialite.c:34731:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
str = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34734:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%I64d", sqlite3_value_int64 (argv[0]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:34736:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%lld", sqlite3_value_int64 (argv[0]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:34739:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "ILLEGAL_VALUE");
data/spatialite-5.0.0/src/spatialite/spatialite.c:34744:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sep = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35645:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35731:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35764:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35983:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35989:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35991:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen (path, "rb");
data/spatialite-5.0.0/src/spatialite/spatialite.c:36053:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36059:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36061:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (path, "wb");
data/spatialite-5.0.0/src/spatialite/spatialite.c:36151:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
filename = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36172:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36189:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36204:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36217:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
prefix = (char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36224:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36352:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dir_path = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36373:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36390:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36405:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36418:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
prefix = (char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36425:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36483:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dir_path = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36485:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
filename = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36487:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sql_query = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36489:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_col_name = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36491:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_col_name = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36493:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
label_col_name = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36495:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text_height_col_name = (const char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36497:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text_rotation_col_name = (const char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36500:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[8]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36521:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (path, "wb");
data/spatialite-5.0.0/src/spatialite/spatialite.c:36566:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36598:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36649:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36655:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geo_column = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36661:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36667:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_pk = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36673:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_multi_id = (char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36766:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[6]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36769:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[7]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36772:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[8]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36775:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[9]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36778:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[10]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36781:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[11]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36784:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[12]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36787:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[13]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36790:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[14]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36793:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) sqlite3_value_text (argv[15]));
data/spatialite-5.0.0/src/spatialite/spatialite.c:36836:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36843:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36849:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36850:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36897:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36903:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36968:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36974:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
old_name = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36980:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
new_name = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37053:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37059:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37065:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
old_name = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37071:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
new_name = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37154:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
filepath = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37235:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sql = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37240:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37288:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
filepath = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37293:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37642:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
var_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37701:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
str = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37768:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text = (const char *) sqlite3_value_text (argv[i]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38138:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
txt = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38144:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38213:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38214:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38267:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38298:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38333:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38334:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38375:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38426:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38565:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38693:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38694:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38755:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38788:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38819:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38854:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38855:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38900:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38965:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38971:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
input_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38975:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38980:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
from_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38983:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
to_column = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39081:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
routing_data_table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39084:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
virtual_routing_table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39087:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
input_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39090:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
from_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39093:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
to_column = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39097:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39103:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cost_column = (const char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39111:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name_column = (const char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39126:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
oneway_from = (const char *) sqlite3_value_text (argv[10]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39132:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
oneway_to = (const char *) sqlite3_value_text (argv[11]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39297:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
filename = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39303:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39371:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39377:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39383:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39392:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pk_column = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39413:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39459:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39465:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39471:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39481:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39569:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39575:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39581:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39600:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geo_column = (char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39610:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pk_column = (char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39620:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_type = (char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39671:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[11]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39753:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39759:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39765:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39771:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39780:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pk_column = (char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39801:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39891:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
zip_path = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39897:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39903:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39909:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39928:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geo_column = (char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39938:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pk_column = (char *) sqlite3_value_text (argv[6]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39948:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_type = (char *) sqlite3_value_text (argv[7]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39999:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[12]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40082:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40088:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40094:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40100:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
charset = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40109:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_type = (char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40120:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *val = (char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40176:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40182:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_col = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40188:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40207:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name_col = (char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40217:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
descr_col = (char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40278:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path_or_url = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40284:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
layer_name = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40290:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40299:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pk_column = (char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40680:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40792:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40901:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40906:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40979:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:40984:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41057:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41062:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41123:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41128:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41190:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41195:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41512:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dms = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41538:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dms = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41621:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
seq_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41663:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
seq_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41699:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
seq_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41959:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xlink_href = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41964:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41965:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41966:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
file_name = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41993:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xlink_href = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42036:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42037:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
f_table_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42038:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
f_geometry_column = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42047:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42048:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42106:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42107:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
view_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42108:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
view_geometry = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42117:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42118:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42178:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42179:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
virt_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42180:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
virt_geometry = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42189:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42190:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42241:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42242:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topogeo_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42251:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42252:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42304:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42305:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
toponet_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42314:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42315:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42354:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42390:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42391:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
title = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42392:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
abstract = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42438:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
copyright = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42444:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42448:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
license = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42483:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42511:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42539:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42540:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
keyword = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42567:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42568:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
keyword = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42599:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42620:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42677:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42710:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42776:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42818:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42859:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42863:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42898:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42902:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:42962:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43004:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43045:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43049:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43085:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43089:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
style_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43123:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43151:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43179:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43180:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
keyword = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43207:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43208:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
keyword = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43239:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43260:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
coverage_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43327:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
fileIdentifier = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43381:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
scope = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43389:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
fileIdentifier = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43449:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xml = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43476:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
schemaURI = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43508:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path_or_url = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43602:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
path = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43733:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
schemaURI = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43824:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43850:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43876:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43902:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43928:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43954:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43979:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44004:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44029:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44054:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44079:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44204:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
identifier = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44242:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
identifier = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44316:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
identifier = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44318:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ns_id = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44320:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uri_id = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44322:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ns_charstr = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44324:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uri_charstr = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44398:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
identifier = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44400:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ns_id = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44402:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uri_id = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44404:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ns_charstr = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44406:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uri_charstr = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44689:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xpath = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46155:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46189:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46321:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob0 = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46323:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob1 = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46503:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46537:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46572:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blob = (const unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46904:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
err_msg = (const char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46989:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:47029:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:47247:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:47330:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:47375:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/spatialite.c:47428:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
string = (const unsigned char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[1024];
data/spatialite-5.0.0/src/spatialite/srid_aux.c:117:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (keybuf, p + 1, len);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:136:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*value, v1, len);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mux[16][128];
data/spatialite-5.0.0/src/spatialite/srid_aux.c:242:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char save[128];
data/spatialite-5.0.0/src/spatialite/srid_aux.c:387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[16];
data/spatialite-5.0.0/src/spatialite/srid_aux.c:405:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dummy, p, 6);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:418:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[16];
data/spatialite-5.0.0/src/spatialite/srid_aux.c:436:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dummy, p, 6);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:877:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Clarke 1880 (RGS)");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:882:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Clarke 1866");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:887:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "GRS 1980");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:892:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "WGS 84");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:897:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Krassowsky 1940");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:902:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "International 1924");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:907:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Bessel Namibia (GLM)");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:912:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Bessel 1841");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:917:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:923:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "WGS_1972");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:928:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "GRS 1967");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:933:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "NWL 9D");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:938:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Helmert 1906");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:943:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Airy 1830");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:948:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Airy Modified 1849");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:953:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1071:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Jakarta");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1076:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Brussels");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1081:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Rome");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1086:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Madrid");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1091:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Ferro");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1096:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Bern");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1101:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Bogota");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1106:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Lisbon");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1111:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Paris");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1116:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Stockholm");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1121:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Athens");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1126:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Oslo");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1132:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Paris RGS");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1249:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Transverse_Mercator");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1254:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Transverse_Mercator");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1259:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Mercator_1SP");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1264:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Polar_Stereographic");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1269:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1275:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1281:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1287:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Krovak");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1292:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Cassini_Soldner");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1297:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1303:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1309:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1315:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1321:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1327:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Equirectangular");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1332:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Polyconic");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1337:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "New_Zealand_Map_Grid");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1342:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "none");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1459:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1465:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1471:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "WGS_1984");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1476:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1483:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1489:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1495:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "Carthage");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1500:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result,
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1506:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "TM65");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1511:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "OSGB_1936");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1628:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "metre");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1633:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "US survery foot");
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1638:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (result, "foot");
data/spatialite-5.0.0/src/spatialite/statistics.c:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR REPLACE INTO geometry_columns_statistics ");
data/spatialite-5.0.0/src/spatialite/statistics.c:122:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column, last_verified, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:123:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count, extent_min_x, extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:124:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x, extent_max_y) VALUES (?, ?, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:125:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "strftime('%Y-%m-%dT%H:%M:%fZ', 'now'), ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR REPLACE INTO layer_statistics ");
data/spatialite-5.0.0/src/spatialite/statistics.c:189:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(raster_layer, table_name, geometry_column, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:190:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count, extent_min_x, extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:191:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x, extent_max_y) ");
data/spatialite-5.0.0/src/spatialite/statistics.c:192:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (0, ?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:243:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR REPLACE INTO views_geometry_columns_statistics ");
data/spatialite-5.0.0/src/spatialite/statistics.c:244:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry, last_verified, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:245:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count, extent_min_x, extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:246:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x, extent_max_y) VALUES (?, ?, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:247:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "strftime('%Y-%m-%dT%H:%M:%fZ', 'now'), ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:310:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR REPLACE INTO views_layer_statistics ");
data/spatialite-5.0.0/src/spatialite/statistics.c:311:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:312:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count, extent_min_x, extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:313:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x, extent_max_y) ");
data/spatialite-5.0.0/src/spatialite/statistics.c:314:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:361:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:366:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR REPLACE INTO virts_geometry_columns_statistics ");
data/spatialite-5.0.0/src/spatialite/statistics.c:367:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry, last_verified, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:368:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count, extent_min_x, extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:369:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x, extent_max_y) VALUES (?, ?, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:370:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "strftime('%Y-%m-%dT%H:%M:%fZ', 'now'), ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:417:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:433:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT OR REPLACE INTO virts_layer_statistics ");
data/spatialite-5.0.0/src/spatialite/statistics.c:434:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:435:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "row_count, extent_min_x, extent_min_y, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:436:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "extent_max_x, extent_max_y) ");
data/spatialite-5.0.0/src/spatialite/statistics.c:437:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:616:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:634:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO geometry_columns_field_infos ");
data/spatialite-5.0.0/src/spatialite/statistics.c:635:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(f_table_name, f_geometry_column, ordinal, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:636:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name, null_values, integer_values, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:637:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values, text_values, blob_values, max_size, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:638:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min, integer_max, double_min, double_max) ");
data/spatialite-5.0.0/src/spatialite/statistics.c:639:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:724:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO views_geometry_columns_field_infos ");
data/spatialite-5.0.0/src/spatialite/statistics.c:725:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(view_name, view_geometry, ordinal, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:726:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name, null_values, integer_values, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:727:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values, text_values, blob_values, max_size, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:728:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min, integer_max, double_min, double_max) ");
data/spatialite-5.0.0/src/spatialite/statistics.c:729:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:796:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[8192];
data/spatialite-5.0.0/src/spatialite/statistics.c:814:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO virts_geometry_columns_field_infos ");
data/spatialite-5.0.0/src/spatialite/statistics.c:815:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "(virt_name, virt_geometry, ordinal, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:816:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "column_name, null_values, integer_values, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:817:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "double_values, text_values, blob_values, max_size, ");
data/spatialite-5.0.0/src/spatialite/statistics.c:818:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "integer_min, integer_max, double_min, double_max) ");
data/spatialite-5.0.0/src/spatialite/statistics.c:819:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/spatialite/statistics.c:978:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
is_double = atoi (results[(i * columns) + c + 0]);
data/spatialite-5.0.0/src/spatialite/statistics.c:986:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi (results[(i * columns) + c + 2]);
data/spatialite-5.0.0/src/spatialite/statistics.c:988:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi (results[(i * columns) + c + 3]);
data/spatialite-5.0.0/src/spatialite/statistics.c:1118:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ordinal = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/statistics.c:1165:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/statistics.c:1169:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ordinal = atoi (results[(i * columns) + c + 0]);
data/spatialite-5.0.0/src/spatialite/statistics.c:1176:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size = atoi (sz);
data/spatialite-5.0.0/src/spatialite/statistics.c:1862:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/statistics.c:5571:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (count) > 0)
data/spatialite-5.0.0/src/spatialite/statistics.c:5580:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
aux->count_geometry_columns = atoi (count);
data/spatialite-5.0.0/src/spatialite/statistics.c:5627:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (count) > 0)
data/spatialite-5.0.0/src/spatialite/statistics.c:6335:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fk_on = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/statistics.c:6586:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fk_on = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1527:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
notnull = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1529:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pk = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1580:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1737:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unique = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1784:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1882:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1883:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dims = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1884:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1885:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
spatial_index = atoi (results[(i * columns) + 4]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1925:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1926:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dims = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1927:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2104:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/spatialite-5.0.0/src/spatialite/virtualXL.c:153:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
worksheet = atoi (argv[4]);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:156:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (argv[5]) == 1)
data/spatialite-5.0.0/src/spatialite/virtualXL.c:347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2048];
data/spatialite-5.0.0/src/spatialite/virtualXL.c:348:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualXL.c:361:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d:%d,", pIndex->aConstraint[i].iColumn,
data/spatialite-5.0.0/src/spatialite/virtualXL.c:459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualXL.c:492:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*iColumn = atoi (buf);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:493:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*op = atoi (buf + i + 1);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:760:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) sqlite3_value_text (argv[i]));
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:218:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Text, value, size);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Blob, value, size);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:482:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:483:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = gaiaDequotedSql ((char *) argv[3]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:484:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
col_minx = gaiaDequotedSql ((char *) argv[4]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:485:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
col_miny = gaiaDequotedSql ((char *) argv[5]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:486:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
col_maxx = gaiaDequotedSql ((char *) argv[6]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:487:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
col_maxy = gaiaDequotedSql ((char *) argv[7]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:488:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
col_srid = gaiaDequotedSql ((char *) argv[8]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:489:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
x_force_wgs84 = gaiaDequotedSql ((char *) argv[9]);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:535:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p_vt->Srid = atoi (col_srid);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:591:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *extra_col = gaiaDequotedSql ((char *) argv[i2]);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encoding[128];
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ColnameCase[128];
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:190:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
text_dates = atoi (argv[5]);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:237:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xname = gaiaDoubleQuotedSql ((const char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2048];
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:364:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:377:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d:%d,", pIndex->aConstraint[i].iColumn,
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:531:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*iColumn = atoi (buf);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:532:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*op = atoi (buf + i + 1);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:800:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) sqlite3_value_text (argv[i]));
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:433:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:654:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table_name = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:659:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:680:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table_name = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:701:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:706:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table_name = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:711:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:732:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:737:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table_name = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:222:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Text, value, size);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:239:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Blob, value, size);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:868:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:876:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:893:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:906:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1063:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text = (char *) sqlite3_value_text (argv[i]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1140:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1297:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text = (char *) sqlite3_value_text (argv[i]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[256];
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1415:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "POINTZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1422:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "LINESTRINGZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1429:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "POLYGONZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1436:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "MULTIPOINTZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1443:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "MULTILINESTRINGZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1450:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "MULTIPOLYGONZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1457:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (o, "GEOMETRYCOLLECTIONZ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1735:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1746:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1748:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = gaiaDequotedSql ((char *) argv[3]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1752:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1753:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = gaiaDequotedSql ((char *) argv[3]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1754:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = gaiaDequotedSql ((char *) argv[4]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1810:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 3]) == 0)
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1856:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi (results[(i * n_columns) + 1]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1860:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (results[(i * n_columns) + 2]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1862:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
coord_dimension = atoi (results[(i * n_columns) + 4]);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1900:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:852:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parent_key[GEOJSON_MAX];
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1814:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToPoint");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1821:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToMultiPoint");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1829:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToLinestring");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1836:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToMultiLinestring");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1844:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToPolygon");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1851:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToMultiPolygon");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1857:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToGeometryCollection");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1863:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToGeometryCollection");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1869:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_type, "CastToGeometryCollection");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1876:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_dims, "CastToXY");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1881:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_dims, "CastToXYZ");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1886:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (parser->cast_dims, "CastToXYZM");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ColnameCase[128];
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2296:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (argv[4]);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2352:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen (path, "rb");
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2382:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xname = gaiaDoubleQuotedSql ((const char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2444:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geojson_sql_create_virtual_table (parser, (const char *) argv[2],
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2711:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2048];
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2712:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2725:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d:%d,", pIndex->aConstraint[i].iColumn,
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2863:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2896:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*iColumn = atoi (buf);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2897:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*op = atoi (buf + i + 1);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:3152:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) sqlite3_value_text (argv[i]));
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:212:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Text, value, size);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:229:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Blob, value, size);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:299:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:321:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:334:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:370:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text = (char *) sqlite3_value_text (argv[i]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:405:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:421:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:457:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
text = (char *) sqlite3_value_text (argv[i]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:489:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[256];
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:582:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:584:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = gaiaDequotedSql ((char *) argv[3]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:588:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:589:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = gaiaDequotedSql ((char *) argv[3]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:590:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = gaiaDequotedSql ((char *) argv[4]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:643:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * n_columns) + 3]) == 0)
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:675:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p_vt->Srid = atoi (results[n_columns + 2]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:676:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
has_z = atoi (results[n_columns + 3]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:677:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
has_m = atoi (results[n_columns + 4]);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:775:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/spatialite-5.0.0/src/spatialite/virtualknn.c:759:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*db_prefix, tn + 3, l_db);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:782:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1307:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tn = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1313:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1335:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tn = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1358:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tn = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1364:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1395:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tn = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1696:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[256];
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1729:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (code, in, graph->MaxCodeLength);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2256:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2261:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2286:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2291:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2316:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2344:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1869:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[128];
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1876:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", *(multiSolution->MultiTo->Ids + 1));
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:2314:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
from = atoi (value);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3714:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (row->Undefined, "???");
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3724:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (row->Undefined, "???");
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4050:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*index1 = atoi (value);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4052:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*index2 = atoi (value);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4084:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*index1 = atoi (value);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4086:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*index2 = atoi (value);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5064:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (code, in, graph->MaxCodeLength);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7531:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7539:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7562:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7596:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7609:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7622:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7657:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7685:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7713:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7737:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7770:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:7794:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8003:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delimiter[128];
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8041:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "%c [dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8046:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "[dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delimiter[128];
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8220:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "%c [dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8225:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "[dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8298:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "%c [dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8303:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "[dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8461:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "%c [dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8466:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "[dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delimiter[128];
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8755:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "%c [dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8760:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (delimiter, "[dec=%d, hex=%02x]",
data/spatialite-5.0.0/src/spatialite/virtualshape.c:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/spatialite-5.0.0/src/spatialite/virtualshape.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encoding[128];
data/spatialite-5.0.0/src/spatialite/virtualshape.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ColnameCase[128];
data/spatialite-5.0.0/src/spatialite/virtualshape.c:255:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (argv[5]);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:259:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
text_dates = atoi (argv[6]);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:314:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xname = gaiaDoubleQuotedSql ((const char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2048];
data/spatialite-5.0.0/src/spatialite/virtualshape.c:678:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualshape.c:691:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d:%d,", pIndex->aConstraint[i].iColumn,
data/spatialite-5.0.0/src/spatialite/virtualshape.c:850:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/spatialite/virtualshape.c:883:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*iColumn = atoi (buf);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:884:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*op = atoi (buf + i + 1);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:1147:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) sqlite3_value_text (argv[i]));
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:543:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*db_prefix, tn + 3, l_db);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:566:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:747:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tn = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:753:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
geom_column = (char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:775:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tn = (char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[65536];
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:573:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = gaiaDequotedSql ((char *) argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:574:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = gaiaDequotedSql ((char *) argv[3]);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:575:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = gaiaDequotedSql ((char *) argv[4]);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:801:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *exp = (char *) sqlite3_value_text (argv[i]);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:148:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srid[16];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:197:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
epsg_insert (epsg, atoi (srid), name, proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:230:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (line + i + 20);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:241:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[8192];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:317:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (path, "epsg_inlined_%02d.c", file_no);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:318:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (path, "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:334:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("epsg_inlined_extra.c", "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:350:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("epsg_inlined_prussian.c", "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:364:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:367:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (path, "epsg_inlined_wgs84_%02d.c", file_no);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:368:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (path, "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:2259:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_epsg = fopen ("epsg", "rb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:2267:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_wkt = fopen ("wkt", "rb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:176:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srid[64];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char is_geographic[64];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flipped_axes[64];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axis_1[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orientation_1[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axis_2[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orientation_2[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spheroid[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prime_meridian[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datum[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char projection[128];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:188:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proj4text[512];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srtext[8192];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:262:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
epsg_insert (epsg, atoi (srid), atoi (is_geographic),
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:262:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
epsg_insert (epsg, atoi (srid), atoi (is_geographic),
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:263:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi (flipped_axes), unit, axis_1,
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:344:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:347:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (path, "epsg_inlined_%02d.c", file_no);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:348:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (path, "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:364:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("epsg_inlined_extra.c", "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:380:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen ("epsg_inlined_prussian.c", "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:397:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (path, "epsg_inlined_wgs84_%02d.c", file_no);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:398:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (path, "wb");
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:2310:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl_epsg = fopen ("epsg", "rb");
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:72:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen ("./epsg-proj4", "rb");
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:88:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
srid = atoi (buf);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:147:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char urn[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:165:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (urn, "urn:ogc:def:crs:EPSG::%d", srid);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal.c:44:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char urn[1024];
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal.c:62:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (urn, "urn:ogc:def:crs:EPSG::%d", srid);
data/spatialite-5.0.0/src/srsinit/srs_init.c:430:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/srsinit/srs_init.c:440:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO spatial_ref_sys ");
data/spatialite-5.0.0/src/srsinit/srs_init.c:449:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:451:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:454:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:456:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:459:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:461:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:477:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO spatial_ref_sys_aux ");
data/spatialite-5.0.0/src/srsinit/srs_init.c:478:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:480:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:482:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "axis_2_name, axis_2_orientation) ");
data/spatialite-5.0.0/src/srsinit/srs_init.c:483:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:661:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/srsinit/srs_init.c:669:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:694:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/srsinit/srs_init.c:707:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(spatial_ref_sys)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:771:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/srsinit/srs_init.c:777:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM spatial_ref_sys");
data/spatialite-5.0.0/src/srsinit/srs_init.c:792:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * n_columns) + 0]);
data/spatialite-5.0.0/src/srsinit/srs_init.c:864:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/srsinit/srs_init.c:904:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO spatial_ref_sys ");
data/spatialite-5.0.0/src/srsinit/srs_init.c:908:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:910:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:913:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:915:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:918:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:920:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/srsinit/srs_init.c:934:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "INSERT INTO spatial_ref_sys_aux ");
data/spatialite-5.0.0/src/srsinit/srs_init.c:935:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:937:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql,
data/spatialite-5.0.0/src/srsinit/srs_init.c:939:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "axis_2_name, axis_2_orientation) ");
data/spatialite-5.0.0/src/srsinit/srs_init.c:940:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:227:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (nm, str + 1, end - 1);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:563:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p_out, item->varname, len);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:574:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p_out, sql, sql_len);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:617:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen (filepath, "rb");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:785:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (varname + 1, p_out, size);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:823:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (varname + 1, p_out, size);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:873:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sql, p_out, len);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:905:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (varname, p_out, size);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1182:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(stored_procedures)");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1210:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "PRAGMA table_info(stored_variables)");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[4192];
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1248:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1249:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "stored_procedures (\n");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1250:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "name TEXT NOT NULL PRIMARY KEY,\n");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1251:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "title TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1252:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "sql_proc BLOB NOT NULL)");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1265:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql,
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1280:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql,
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1297:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "CREATE TABLE IF NOT EXISTS ");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1298:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "stored_variables (\n");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1299:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "name TEXT NOT NULL PRIMARY KEY,\n");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1300:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "title TEXT NOT NULL,\n");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1301:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "value TEXT NOT NULL)");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1401:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p_blob, data, p_blob_sz);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1856:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buffer, "nan");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2452:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log = fopen (filepath, "ab");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2454:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log = fopen (filepath, "wb");
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:272:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:309:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:350:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:980:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 1)
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1019:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 2)
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1062:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 4)
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char direction[2];
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:291:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:344:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:389:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:475:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:1666:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 1)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:1713:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 3)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:1758:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 3)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:1829:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 9)
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4533:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3271:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3295:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3320:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3345:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3504:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
has_rtree = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4054:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char direction[2];
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4703:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4775:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 5]) != 0)
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4782:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
notnull = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4783:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pk_no = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4869:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 5]) == ipk)
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4971:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4997:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5016:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5045:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
notnull = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6090:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6128:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6233:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", *topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6255:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
notnull = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6296:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (geometry_name, "geometry");
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6297:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", *topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6304:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "geom_%d", ++geom_alias);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6316:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", *topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6399:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nodes = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6400:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
edges = atoi (results[(i * columns) + 1]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6401:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
faces = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7079:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[64];
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7179:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", *topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7227:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (geometry_name, "geometry");
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7228:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", *topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7235:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "geom_%d", ++geom_alias);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7244:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", *topolayer_id);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7939:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:231:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:277:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:361:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:436:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:455:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:560:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_network.c:587:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
net_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:612:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:637:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", node_id);
data/spatialite-5.0.0/src/topology/gaia_network.c:732:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_network.c:747:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:762:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", node_id);
data/spatialite-5.0.0/src/topology/gaia_network.c:842:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:873:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_network.c:975:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_network.c:1002:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1027:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1053:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", link_id);
data/spatialite-5.0.0/src/topology/gaia_network.c:1142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_network.c:1157:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1172:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", link_id);
data/spatialite-5.0.0/src/topology/gaia_network.c:1239:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1319:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1411:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1433:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1558:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1580:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1694:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1773:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1861:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/topology/gaia_network.c:1885:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/topology/gaia_network.c:1983:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:1989:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2159:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2165:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2268:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2351:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2443:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2577:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2584:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2723:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2730:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2914:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
xtype = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:2915:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
xsrid = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3029:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3035:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3039:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3045:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3255:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3261:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3265:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3271:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3277:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3435:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3441:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3445:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3451:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3457:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3983:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3989:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_network_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:3995:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_network_name = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4102:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4188:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4276:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4374:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
network_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4380:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4384:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4390:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_network.c:4396:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:324:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:422:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:507:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:583:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:600:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:693:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_topology.c:719:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:732:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:762:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", node_id);
data/spatialite-5.0.0/src/topology/gaia_topology.c:839:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_topology.c:853:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:868:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", node_id);
data/spatialite-5.0.0/src/topology/gaia_topology.c:949:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:968:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1061:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_topology.c:1075:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1090:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", edge_id);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1158:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1231:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1292:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xid[80];
data/spatialite-5.0.0/src/topology/gaia_topology.c:1318:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1331:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1361:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xid, "%lld", edge_id);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1460:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1473:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1590:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1603:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1724:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1743:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1861:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1880:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1986:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2066:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2154:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2234:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2317:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/topology/gaia_topology.c:2341:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/topology/gaia_topology.c:2367:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/src/topology/gaia_topology.c:2401:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2489:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2622:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2629:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2755:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2762:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2887:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2894:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:2996:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xnode_id[64];
data/spatialite-5.0.0/src/topology/gaia_topology.c:3022:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3029:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3083:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xnode_id, "%lld", node_id);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xedge_id[64];
data/spatialite-5.0.0/src/topology/gaia_topology.c:3197:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3204:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3262:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xedge_id, "%lld", edge_ids[i]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xedge_id[64];
data/spatialite-5.0.0/src/topology/gaia_topology.c:3442:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3449:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3518:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (xedge_id, "%lld", edge_ids[i]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3614:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3736:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3743:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3918:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
xtype = atoi (results[(i * columns) + 2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3919:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
xsrid = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4189:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4195:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4201:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4207:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4213:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
outtable = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4409:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4531:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4537:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4543:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4549:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4759:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4765:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4771:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4777:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:4994:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_topology.c:5026:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int notnull = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5027:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int pk = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5159:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (value) != 0)
data/spatialite-5.0.0/src/topology/gaia_topology.c:5186:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int notnull = atoi (results[(i * columns) + 3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5187:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int pk = atoi (results[(i * columns) + 5]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5423:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5429:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5435:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5441:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5447:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dustbin_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5453:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dustbin_view = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5759:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5765:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5771:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5777:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5783:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dustbin_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:5789:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dustbin_view = (const char *) sqlite3_value_text (argv[5]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6149:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6155:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6159:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6165:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6171:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6315:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6321:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6325:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6331:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6337:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6485:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6491:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6495:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6501:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6507:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6662:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6668:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6672:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6678:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6684:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6835:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6927:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:6994:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7060:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7136:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7217:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7336:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7957:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7963:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
in_topo_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7969:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_topo_name = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8075:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8162:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8240:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8313:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8411:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8419:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8555:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p_blob = (unsigned char *) sqlite3_value_blob (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8563:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8698:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8839:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8845:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8849:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8855:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_column = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8861:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topolayer_name = (const char *) sqlite3_value_text (argv[4]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9038:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9044:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
db_prefix = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9048:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ref_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9054:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topolayer_name = (const char *) sqlite3_value_text (argv[3]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9144:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9150:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topolayer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9237:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9243:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topolayer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9249:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9361:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topo_name = (const char *) sqlite3_value_text (argv[0]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9367:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
topolayer_name = (const char *) sqlite3_value_text (argv[1]);
data/spatialite-5.0.0/src/topology/gaia_topology.c:9373:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
out_table = (const char *) sqlite3_value_text (argv[2]);
data/spatialite-5.0.0/src/topology/topo_callbacks.c:3855:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:166:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encoding[128];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[65535];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummyName[4096];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:296:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, ", ");
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:307:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummyName, "DUPCOL_%d", seed++);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:313:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, " INTEGER");
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:315:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, " DOUBLE");
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:317:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, " TEXT");
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:353:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2048];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:354:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:367:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%d:%d,", pIndex->aConstraint[i].iColumn,
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:493:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*iColumn = atoi (buf);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:494:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*op = atoi (buf + i + 1);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:508:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:779:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) sqlite3_value_text (argv[i]));
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:844:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1057:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen (path, "rb"); /* opening the input file */
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1468:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (txt->field_buffer, txt->line_buffer + off, len);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1475:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (txt->field_buffer, "empty");
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1543:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (new_buf, txt->line_buffer, txt->current_buf_off);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1615:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1763:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "COL%03d", ind + 1);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1778:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "COL%03d", ind + 1);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1904:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (txt->field_buffer, txt->line_buffer + txt->field_offsets[field_idx],
data/spatialite-5.0.0/src/wfs/wfs_in.c:919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[65536];
data/spatialite-5.0.0/src/wfs/wfs_in.c:1359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xx[2];
data/spatialite-5.0.0/src/wfs/wfs_in.c:2125:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (p + 1);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2140:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi ((const char *) (node->content));
data/spatialite-5.0.0/src/wfs/wfs_in.c:2245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pk_candidate[1024];
data/spatialite-5.0.0/src/wfs/wfs_in.c:2299:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char auto_pk_name[1024];
data/spatialite-5.0.0/src/wfs/wfs_in.c:2312:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (auto_pk_name, "pk_uid");
data/spatialite-5.0.0/test/check_bufovflw.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[1000];
data/spatialite-5.0.0/test/check_bufovflw.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char frmt[2048];
data/spatialite-5.0.0/test/check_bufovflw.c:911:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (frmt, "<Placemark><name>%s</name><description>%s</description>"
data/spatialite-5.0.0/test/check_bufovflw.c:915:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (frmt, "<Polygon><outerBoundaryIs><LinearRing><coordinates>"
data/spatialite-5.0.0/test/check_bufovflw.c:961:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (frmt, "<Placemark><name>%s</name><description>%s</description>"
data/spatialite-5.0.0/test/check_bufovflw.c:965:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (frmt, "<Polygon><outerBoundaryIs><LinearRing><coordinates>"
data/spatialite-5.0.0/test/check_bufovflw.c:1013:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (frmt,
data/spatialite-5.0.0/test/check_bufovflw.c:1019:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (frmt,
data/spatialite-5.0.0/test/check_bufovflw.c:1062:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (frmt,
data/spatialite-5.0.0/test/check_bufovflw.c:1069:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (frmt,
data/spatialite-5.0.0/test/check_create.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[64];
data/spatialite-5.0.0/test/check_create.c:70:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (msg, "Err%d", i);
data/spatialite-5.0.0/test/check_create.c:72:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (msg, "Warn%d", i);
data/spatialite-5.0.0/test/check_create.c:74:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (msg, "Aux%d", i);
data/spatialite-5.0.0/test/check_create.c:83:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (msg, "Err%d", i);
data/spatialite-5.0.0/test/check_create.c:96:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (msg, "Warn%d", i);
data/spatialite-5.0.0/test/check_create.c:111:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (msg, "Aux%d", i);
data/spatialite-5.0.0/test/check_endian.c:60:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_in[8];
data/spatialite-5.0.0/test/check_endian.c:61:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_out[8];
data/spatialite-5.0.0/test/check_exif.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag_name[128];
data/spatialite-5.0.0/test/check_exif.c:193:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char human[8192];
data/spatialite-5.0.0/test/check_exif.c:219:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen ("sql_stmt_tests/DSC_1467.JPG", "rb");
data/spatialite-5.0.0/test/check_exif.c:367:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen ("sql_stmt_tests/DSCN0042.JPG", "rb");
data/spatialite-5.0.0/test/check_exif.c:554:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen ("sql_stmt_tests/La_folla_durante_il_Palio.jpg", "rb");
data/spatialite-5.0.0/test/check_exif2.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag_name[128];
data/spatialite-5.0.0/test/check_exif2.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char human[8192];
data/spatialite-5.0.0/test/check_exif2.c:218:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen ("Apple-iPhone-4.jpg", "rb");
data/spatialite-5.0.0/test/check_gpkgConvert.c:149:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen (path, "rb");
data/spatialite-5.0.0/test/check_libxml2.c:83:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen ("books-bad.xml", "rb");
data/spatialite-5.0.0/test/check_libxml2.c:127:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen ("books.xml", "rb");
data/spatialite-5.0.0/test/check_libxml2.c:172:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_libxml2.c:255:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_libxml2.c:471:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_libxml2.c:662:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_map_config.c:92:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_map_config.c:124:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p_out, "%02x", *p_in);
data/spatialite-5.0.0/test/check_mbrcache.c:519:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/test/check_mbrcache.c:520:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql,
data/spatialite-5.0.0/test/check_mbrcache.c:534:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/test/check_mbrcache.c:535:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql,
data/spatialite-5.0.0/test/check_mbrcache.c:549:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/test/check_mbrcache.c:550:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql, "DELETE FROM pt WHERE id = %d;", pt);
data/spatialite-5.0.0/test/check_md5.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[256];
data/spatialite-5.0.0/test/check_md5.c:118:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (sql, "INSERT INTO test (id, name, geom) VALUES "
data/spatialite-5.0.0/test/check_md5.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/test/check_md5.c:174:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT MD5TotalChecksum(geom) FROM test");
data/spatialite-5.0.0/test/check_md5.c:199:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql,
data/spatialite-5.0.0/test/check_md5.c:239:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT MD5TotalChecksum(name) FROM test");
data/spatialite-5.0.0/test/check_multithread.c:263:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*line, tmp_line, end);
data/spatialite-5.0.0/test/check_multithread.c:280:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prcsn = atoi (&(expected_result[i + 1]));
data/spatialite-5.0.0/test/check_multithread.c:300:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen (filepath, "r");
data/spatialite-5.0.0/test/check_multithread.c:308:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->expected_rows = atoi (tmp);
data/spatialite-5.0.0/test/check_multithread.c:311:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->expected_columns = atoi (tmp);
data/spatialite-5.0.0/test/check_multithread.c:897:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_threads = atoi (env_var);
data/spatialite-5.0.0/test/check_sequence.c:89:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[1]) != cnt)
data/spatialite-5.0.0/test/check_sequence.c:119:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[1]) != cnt)
data/spatialite-5.0.0/test/check_sequence.c:163:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[1]) != abs (value))
data/spatialite-5.0.0/test/check_sequence.c:211:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[9]) != cnt)
data/spatialite-5.0.0/test/check_sequence.c:217:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[10]) != cnt + 1000)
data/spatialite-5.0.0/test/check_sequence.c:223:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[11]) != cnt)
data/spatialite-5.0.0/test/check_sequence.c:229:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[12]) != cnt + 1000)
data/spatialite-5.0.0/test/check_sequence.c:235:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[13]) != cnt + 100)
data/spatialite-5.0.0/test/check_sequence.c:241:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[14]) != cnt + 100)
data/spatialite-5.0.0/test/check_sequence.c:247:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[15]) != cnt + 10000)
data/spatialite-5.0.0/test/check_sequence.c:265:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[16]) != cnt - 1)
data/spatialite-5.0.0/test/check_sequence.c:273:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[17]) != cnt)
data/spatialite-5.0.0/test/check_shp_load_3d.c:637:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[columns + 0]) != 18)
data/spatialite-5.0.0/test/check_spatialindex.c:400:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sql[1024];
data/spatialite-5.0.0/test/check_spatialindex.c:944:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM Councils WHERE ROWID IN (");
data/spatialite-5.0.0/test/check_spatialindex.c:945:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT ROWID FROM SpatialIndex WHERE ");
data/spatialite-5.0.0/test/check_spatialindex.c:946:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name = 'Councils' AND search_frame = ");
data/spatialite-5.0.0/test/check_spatialindex.c:947:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "BuildMbr(10, 10, 20, 20));");
data/spatialite-5.0.0/test/check_spatialindex.c:956:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sql, "SELECT Count(*) FROM Councils WHERE ROWID IN (");
data/spatialite-5.0.0/test/check_spatialindex.c:957:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "SELECT ROWID FROM SpatialIndex WHERE ");
data/spatialite-5.0.0/test/check_spatialindex.c:958:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "f_table_name = 'Councils' AND f_geometry_column = ");
data/spatialite-5.0.0/test/check_spatialindex.c:959:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "'geom' AND search_frame = BuildCircleMbr(1019000, ");
data/spatialite-5.0.0/test/check_spatialindex.c:960:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (sql, "4592000, 10000));");
data/spatialite-5.0.0/test/check_sql_stmt.h:135:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (conn->db_path, database_name, len - 3);
data/spatialite-5.0.0/test/check_sql_stmt.h:141:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (conn->db_path, ":memory:");
data/spatialite-5.0.0/test/check_sql_stmt.h:428:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*line, tmp_line, end);
data/spatialite-5.0.0/test/check_sql_stmt.h:445:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prcsn = atoi (&(expected_result[i + 1]));
data/spatialite-5.0.0/test/check_sql_stmt.h:465:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen (filepath, "r");
data/spatialite-5.0.0/test/check_sql_stmt.h:472:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->expected_rows = atoi (tmp);
data/spatialite-5.0.0/test/check_sql_stmt.h:475:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->expected_columns = atoi (tmp);
data/spatialite-5.0.0/test/check_stored_proc.c:87:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:231:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:260:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:289:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_stored_proc.c:318:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:348:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_stored_proc.c:379:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:453:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_stored_proc.c:480:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:509:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:551:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:579:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:608:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_stored_proc.c:637:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:665:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_stored_proc.c:693:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:846:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_stored_proc.c:873:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:990:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1100:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1156:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1200:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1216:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1257:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1390:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1409:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1234567890)
data/spatialite-5.0.0/test/check_stored_proc.c:1590:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1654:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1234567890)
data/spatialite-5.0.0/test/check_stored_proc.c:1784:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1812:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 125)
data/spatialite-5.0.0/test/check_stored_proc.c:1869:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:1897:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 250)
data/spatialite-5.0.0/test/check_stored_proc.c:1999:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_stored_proc.c:2060:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_styling.c:93:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_styling.c:121:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_styling.c:153:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p_out, "%02x", *p_in);
data/spatialite-5.0.0/test/check_tempgeom.c:74:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval = atoi (results[1]);
data/spatialite-5.0.0/test/check_toponoface2d.c:342:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/test/check_toponoface2d.c:448:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/test/check_toponoface2d.c:555:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/test/check_topoplus.c:190:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
changed_links = atoi (value);
data/spatialite-5.0.0/test/check_topoplus.c:338:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
changed_edges = atoi (value);
data/spatialite-5.0.0/test/check_toposnap.c:181:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (results[(i * columns) + 0]) > 0)
data/spatialite-5.0.0/test/check_virtualxpath.c:70:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl = fopen (path, "rb");
data/spatialite-5.0.0/test/check_wms.c:84:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:115:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:147:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:179:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:210:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:239:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:268:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:298:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:328:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:357:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:388:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1 || atoi (*(results + 2)) != 1)
data/spatialite-5.0.0/test/check_wms.c:388:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1 || atoi (*(results + 2)) != 1)
data/spatialite-5.0.0/test/check_wms.c:417:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:447:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1 || atoi (*(results + 2)) != 1)
data/spatialite-5.0.0/test/check_wms.c:447:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1 || atoi (*(results + 2)) != 1)
data/spatialite-5.0.0/test/check_wms.c:476:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:505:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:536:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:567:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:597:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:627:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:657:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:687:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:717:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:748:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:779:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:809:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:839:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:869:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:1057:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 0)
data/spatialite-5.0.0/test/check_wms.c:1087:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:1116:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/check_wms.c:1145:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi (*(results + 1)) != 1)
data/spatialite-5.0.0/test/scandir4win.h:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[MAXNAMLEN + 1]; /* name of directory entry (0 terminated) */
data/spatialite-5.0.0/test/scandir4win.h:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[FILENAME_MAX];
data/spatialite-5.0.0/test/scandir4win.h:74:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (path, "*.*");
data/spatialite-5.0.0/test/scandir4win.h:120:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (plist[numentries], &d, sizeof d);
data/spatialite-5.0.0/test/shape_3d.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[1000];
data/spatialite-5.0.0/test/shape_primitives.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[1000];
data/spatialite-5.0.0/test/shape_primitives.c:898:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi (results[(i * columns) + 0]);
data/spatialite-5.0.0/test/shape_utf8_1.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[1000];
data/spatialite-5.0.0/test/shape_utf8_1ex.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nam[1000];
data/spatialite-5.0.0/examples/demo1.c:150:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table_name);
data/spatialite-5.0.0/examples/demo1.c:179:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/examples/demo3.c:174:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/examples/demo4.c:174:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:152:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:183:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:215:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (msg) > 0)
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:219:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:256:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (msg) > 0)
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:261:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:537:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (exe_path) - 1; i >= 0; i--)
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:765:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (table);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1065:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1089:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1113:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1182:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen (ref2);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1185:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen (ref);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1190:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen (px) + 1;
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1577:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj_string_1);
data/spatialite-5.0.0/src/connection_cache/alloc_cache.c:1584:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj_string_2);
data/spatialite-5.0.0/src/connection_cache/gg_sequence.c:90:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (seq_name);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:358:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:511:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:515:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (type);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:733:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:888:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (value);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1009:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1239:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idx_prefix = malloc (strlen (db_prefix) + 1);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1731:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1814:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:1914:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:2204:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:2239:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:2347:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:2405:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:2909:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:2948:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3042:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3080:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3290:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_main, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3331:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_input, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3372:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_blade, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3433:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_tmp, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3447:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_nodes, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3729:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3916:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_blades, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:3996:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4017:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_upd, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4190:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4229:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4305:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4343:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4489:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_main, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4530:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_input, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4571:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_blade, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4628:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_tmp, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:4928:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->value.textValue),
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5107:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_blades, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5187:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5208:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_upd, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5515:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5572:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5586:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_diff, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5871:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:5915:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:6268:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:6325:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:6339:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_diff, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:6666:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:6710:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:6925:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_tmp, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:7239:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:7289:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/cutter/gaia_cutter.c:7375:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (var->
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:865:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:867:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:870:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (txt->label), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:915:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:918:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1034:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1036:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1080:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1083:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1199:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1201:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1257:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1260:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1379:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1381:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1508:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1511:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1605:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1607:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1641:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1643:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1783:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1785:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1788:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1826:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1829:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1951:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1953:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1956:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1994:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:1997:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2119:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2121:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2124:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2162:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2165:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2287:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2289:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2292:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2330:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2333:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2425:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2427:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_distinct.c:2430:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:929:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:931:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:934:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (txt->label), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:976:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:979:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1081:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1083:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1124:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1127:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1231:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1233:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1286:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1289:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1397:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1399:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1523:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1526:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1608:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1610:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1641:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1643:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1771:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1773:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1776:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1811:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1814:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1928:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1930:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1933:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1968:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:1971:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2084:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2086:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2089:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2124:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2127:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2241:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2243:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2246:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2281:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->key),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2284:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ext->value),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2367:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2369:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (lyr->layer_name),
data/spatialite-5.0.0/src/dxf/dxf_load_mixed.c:2372:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ins->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:97:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:125:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:153:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:181:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:210:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:241:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:270:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:299:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1160:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1189:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1218:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1247:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1276:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:1307:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3564:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3566:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3568:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3570:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (txt->label), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3607:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3609:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3611:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3647:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3649:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3651:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3700:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3702:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3704:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3817:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3819:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3821:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3849:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dxf->filename), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3851:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_loader.c:3853:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (blk->block_id), SQLITE_STATIC);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:752:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (org->key);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:755:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (org->value);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:781:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (label);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:886:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (block_id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:919:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (org->block_id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:1579:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (layer);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:1582:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:1717:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2454:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2466:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2478:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2490:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (id);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2502:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (label);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2530:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (key);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:2544:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3457:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (path);
data/spatialite-5.0.0/src/dxf/dxf_parser.c:3519:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc (fl)) != EOF)
data/spatialite-5.0.0/src/dxf/dxf_writer.c:415:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (layer);
data/spatialite-5.0.0/src/dxf/dxf_writer.c:552:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:83:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:577:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:655:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = (strlen (value) - 1); i >= 0; i--)
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:728:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1223:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dms0);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1266:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1308:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (encoded);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1393:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (last + 1);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1423:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (last + 1);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1454:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1470:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path + pos + 1);
data/spatialite-5.0.0/src/gaiaaux/gg_sqlaux.c:1491:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (string);
data/spatialite-5.0.0/src/gaiaaux/gg_utf8.c:117:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (*buf);
data/spatialite-5.0.0/src/gaiaaux/gg_utf8.c:222:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/gaiaaux/gg_utf8.c:261:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:880:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen (name);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:1572:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen (tag->StringValue);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:2343:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen (human);
data/spatialite-5.0.0/src/gaiaexif/gaia_exif.c:3077:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ll);
data/spatialite-5.0.0/src/gaiageo/gg_advanced.c:3345:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (mem_db, sql, strlen (sql), &stmt_pts, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_advanced.c:3356:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (mem_db, sql, strlen (sql), &stmt_rtree_pts, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_advanced.c:3594:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (mem_db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_advanced.c:3605:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (mem_db, sql, strlen (sql), &stmt_pts, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_advanced.c:3826:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (mem_db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_advanced.c:3977:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (mem_db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_ewkt.c:1868:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 5; i < (int) strlen (dummy); i++)
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1349:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1390:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1416:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (dirty);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1521:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (norm);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1535:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (norm);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1550:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (norm);
data/spatialite-5.0.0/src/gaiageo/gg_geoJSON.c:1563:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (norm);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:479:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:493:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:509:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (k_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:512:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (v_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:558:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:592:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:618:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:658:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:673:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (attr->Value);
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:684:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen (attr->Value) - 1;
data/spatialite-5.0.0/src/gaiageo/gg_gml.c:698:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen (attr->Value) - 1;
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:471:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:485:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:501:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (k_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:504:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (v_tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:547:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:581:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:607:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (tok->value);
data/spatialite-5.0.0/src/gaiageo/gg_kml.c:647:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:172:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:187:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:202:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:1675:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (retMatrix);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:1737:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (retMatrix);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3211:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3219:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3227:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3237:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (gstr);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3273:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3281:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3289:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_relations.c:3299:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (gstr);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:149:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:188:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:2343:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (result);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:2387:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (result);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:2819:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen (p_encoded);
data/spatialite-5.0.0/src/gaiageo/gg_rttopo.c:2876:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen (encodedpolyline);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:169:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:227:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:257:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (org->Name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:379:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (org->TxtValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:677:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((char *) field_name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:701:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:767:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:775:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:789:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:804:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:819:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:835:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:851:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:878:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (fld->Name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1143:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (fld->Name) > 10)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1149:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1161:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (buf) > 10)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1165:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy (buf_shp, buf, strlen (buf));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1177:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1329:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1337:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1460:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen ((char *) buf) != 8)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1509:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen ((char *) buf) - 1; i >= 0; i--)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:1517:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((char *) buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2769:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2783:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2981:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (fld->Value->TxtValue) == 8)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2993:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (fld->Value->TxtValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:2999:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dynbuf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3016:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (dynbuf) < fld->Length)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3018:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dynbuf));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3033:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (dummy) <= fld->Length)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3035:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dummy, strlen (dummy));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3041:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (dummy) <= fld->Length)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3043:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dummy, strlen (dummy));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3085:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3114:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3145:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3185:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3288:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3481:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3633:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:3794:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4117:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4337:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4403:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4510:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:4581:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5082:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((char *) field_name);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5106:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5122:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5130:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5141:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5151:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5162:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5174:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5268:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (fld->Name) > 10)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5274:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (buf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5286:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (buf) > 10)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5290:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy (bf, buf, strlen (buf));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5313:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5321:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5376:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (fld->Value->TxtValue) == 8)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5388:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (fld->Value->TxtValue);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5394:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dynbuf);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5411:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (dynbuf) < fld->Length)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5413:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dynbuf));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5428:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (dummy) <= fld->Length)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5430:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dummy, strlen (dummy));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5436:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (dummy) <= fld->Length)
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5438:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dummy, strlen (dummy));
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5453:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/gaiageo/gg_shape.c:5561:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2715:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj_string);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2780:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (wkt);
data/spatialite-5.0.0/src/gaiageo/gg_transform.c:2817:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_wkb.c:4906:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) blob_hex);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:67:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (buffer) - 1; i > 0; i--)
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:79:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (buffer, "0");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:118:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (text);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:2769:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (string);
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3484:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (buf, " ");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3662:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (buf, " ");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3775:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (buf, " ");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3979:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (endJson, "}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3986:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (endJson, "}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:3992:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (endJson, "}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4034:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (endJson, "}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4040:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (endJson, "}");
data/spatialite-5.0.0/src/gaiageo/gg_wkt.c:4045:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (endJson, "}");
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:111:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((const char *) prefix);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:119:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((const char *) href);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:373:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (schemaURI);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:547:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) cur_node->content);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:654:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) cur_node->content);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:742:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) cur_node->content);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1104:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1136:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1170:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1260:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1314:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1368:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1477:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1509:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1543:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1800:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri_len = (short) strlen ((const char *) schemaURI);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1802:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileid_len = (short) strlen ((const char *) fileIdentifier);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1804:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parentid_len = strlen ((const char *) parentIdentifier);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1806:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = (short) strlen ((const char *) name);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1808:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title_len = (short) strlen ((const char *) title);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:1810:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
abstract_len = (short) strlen ((const char *) abstract);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:2844:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int enclen = (int) strlen ((const char *) xml_doc->encoding);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3330:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3340:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ptr);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:3371:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ((const char *)
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4413:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int enclen = strlen ((const char *) xml_doc->encoding);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4460:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, timestamp, strlen (timestamp), SQLITE_STATIC);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4727:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/gaiageo/gg_xml.c:4757:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ver);
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:59:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define lemonStrlen(X) ((int)strlen(X))
data/spatialite-5.0.0/src/gaiageo/lemon/lemon_src/lemon.c:4603:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nextChar = fgetc(in);
data/spatialite-5.0.0/src/gaiageo/lex.Ewkt.c:941:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/spatialite-5.0.0/src/gaiageo/lex.Ewkt.c:1107:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ Ewktget_extra(yyscanner)->ewkt_col += (int) strlen(yytext); Ewktget_extra(yyscanner)->EwktLval.dval = atof(yytext); return EWKT_NUM; }
data/spatialite-5.0.0/src/gaiageo/lex.Ewkt.c:1179:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ Ewktget_extra(yyscanner)->ewkt_col += (int) strlen(yytext); } /* ignore but count white space */
data/spatialite-5.0.0/src/gaiageo/lex.Ewkt.c:1188:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ Ewktget_extra(yyscanner)->ewkt_col += (int) strlen(yytext); return -1; }
data/spatialite-5.0.0/src/gaiageo/lex.Ewkt.c:1928:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes( yystr, (int) strlen(yystr) , yyscanner);
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:975:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1141:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); GeoJsonget_extra(yyscanner)->GeoJsonLval.dval = atof(yytext); return GEOJSON_NUM; }
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1145:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); GeoJsonget_extra(yyscanner)->GeoJsonLval.ival = atoi(yytext+6); return GEOJSON_SHORT_SRID; }
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1149:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); GeoJsonget_extra(yyscanner)->GeoJsonLval.ival = atoi(yytext+22); return GEOJSON_LONG_SRID; }
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1233:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); } /* ignore but count white space */
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1242:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ GeoJsonget_extra(yyscanner)->geoJson_col += (int) strlen(yytext); return -1; }
data/spatialite-5.0.0/src/gaiageo/lex.GeoJson.c:1982:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes( yystr, (int) strlen(yystr) , yyscanner);
data/spatialite-5.0.0/src/gaiageo/lex.Gml.c:837:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/spatialite-5.0.0/src/gaiageo/lex.Gml.c:1032:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ gml_freeString(&(Gmlget_extra(yyscanner)->GmlLval.pval)); Gmlget_extra(yyscanner)->gml_col += (int) strlen(yytext); } /* ignore but count white space */
data/spatialite-5.0.0/src/gaiageo/lex.Gml.c:1041:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ gml_freeString(&(Gmlget_extra(yyscanner)->GmlLval.pval)); Gmlget_extra(yyscanner)->gml_col += (int) strlen(yytext); return -1; }
data/spatialite-5.0.0/src/gaiageo/lex.Gml.c:1781:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes( yystr, (int) strlen(yystr) , yyscanner);
data/spatialite-5.0.0/src/gaiageo/lex.Kml.c:837:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/spatialite-5.0.0/src/gaiageo/lex.Kml.c:1032:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ kml_freeString(&(Kmlget_extra(yyscanner)->KmlLval.pval)); Kmlget_extra(yyscanner)->kml_col += (int) strlen(yytext); } /* ignore but count white space */
data/spatialite-5.0.0/src/gaiageo/lex.Kml.c:1041:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ kml_freeString(&(Kmlget_extra(yyscanner)->KmlLval.pval)); Kmlget_extra(yyscanner)->kml_col += (int) strlen(yytext); return -1; }
data/spatialite-5.0.0/src/gaiageo/lex.Kml.c:1781:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes( yystr, (int) strlen(yystr) , yyscanner);
data/spatialite-5.0.0/src/gaiageo/lex.VanuatuWkt.c:976:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/spatialite-5.0.0/src/gaiageo/lex.VanuatuWkt.c:1142:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ VanuatuWktget_extra(yyscanner)->vanuatu_col += (int) strlen(yytext); VanuatuWktget_extra(yyscanner)->VanuatuWktlval.dval = atof(yytext); return VANUATU_NUM; }
data/spatialite-5.0.0/src/gaiageo/lex.VanuatuWkt.c:1291:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ VanuatuWktget_extra(yyscanner)->vanuatu_col += (int) strlen(yytext); } /* ignore but count white space */
data/spatialite-5.0.0/src/gaiageo/lex.VanuatuWkt.c:1300:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ VanuatuWktget_extra(yyscanner)->vanuatu_col += (int) strlen(yytext); return -1; }
data/spatialite-5.0.0/src/gaiageo/lex.VanuatuWkt.c:2040:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes( yystr, (int) strlen(yystr) , yyscanner);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:130:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:565:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in_sql, strlen (in_sql), &xstmt_in, NULL);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:575:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out_sql, strlen (out_sql), &xstmt_out, NULL);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:736:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in_sql, strlen (in_sql), &xstmt_in, NULL);
data/spatialite-5.0.0/src/geopackage/gaia_cvt_gpkg.c:746:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out_sql, strlen (out_sql), &xstmt_out, NULL);
data/spatialite-5.0.0/src/geopackage/gpkgBinary.c:448:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (type);
data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c:93:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "tiff", strlen ("tiff"),
data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c:97:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "png", strlen ("png"),
data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c:101:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "jpeg", strlen ("jpeg"),
data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c:105:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "x-webp", strlen ("x-webp"),
data/spatialite-5.0.0/src/geopackage/gpkgGetImageType.c:109:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "unknown", strlen ("unknown"),
data/spatialite-5.0.0/src/geopackage/gpkgInsertEpsgSRID.c:101:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sqlcmd, strlen (sqlcmd), &sql_stmt, NULL);
data/spatialite-5.0.0/src/geopackage/gpkgInsertEpsgSRID.c:109:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->ref_sys_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/geopackage/gpkgInsertEpsgSRID.c:113:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->auth_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/geopackage/gpkgInsertEpsgSRID.c:115:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (first->srs_wkt) == 0)
data/spatialite-5.0.0/src/geopackage/gpkgInsertEpsgSRID.c:122:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->srs_wkt), SQLITE_STATIC);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:224:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:321:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen ((const char *) p);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:523:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:557:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dbf_field->
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:590:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:626:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (buf);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:776:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:822:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:990:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1017:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1459:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1513:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dbf_field->
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1556:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dbf_field->
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1686:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1719:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dbf_field->
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1752:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:1827:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2004:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2023:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2185:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2235:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dbf_field->
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2278:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (dbf_field->
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2374:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (basename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2598:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2680:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2695:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2707:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2719:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:2731:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3191:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (srs);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3246:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3330:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3333:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (geometry);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3429:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (tn);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3478:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3525:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3591:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:3865:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4035:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4169:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4295:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4408:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *converted = sqlite3_malloc (strlen (string) + 1);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4411:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (converted);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4466:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4489:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_malloc (strlen (string) + 1);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4495:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (converted);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:4838:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5212:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5610:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5714:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:5823:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (x);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6052:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (name);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6114:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6414:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6450:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (prop->txt_value),
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6682:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (item->basename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6777:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (item->basename);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6908:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6989:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql1, strlen (sql1), &stmt1, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:6996:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql2, strlen (sql2), &stmt2, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7980:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt_in, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:7990:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql2.Buffer, strlen (sql2.Buffer),
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8379:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8487:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (cell.value.text_value);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8563:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (cell.value.text_value);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8604:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/shapefiles.c:8648:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cell.value.text_value),
data/spatialite-5.0.0/src/shapefiles/validator.c:355:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (error);
data/spatialite-5.0.0/src/shapefiles/validator.c:361:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (warning);
data/spatialite-5.0.0/src/shapefiles/validator.c:367:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (summary);
data/spatialite-5.0.0/src/shapefiles/validator.c:1089:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/validator.c:1139:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, p_type, strlen (p_type), SQLITE_STATIC);
data/spatialite-5.0.0/src/shapefiles/validator.c:1140:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, p_dims, strlen (p_dims), SQLITE_STATIC);
data/spatialite-5.0.0/src/shapefiles/validator.c:1420:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/validator.c:1572:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/shapefiles/validator.c:1719:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1869:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/validator.c:1880:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1907:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1921:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/shapefiles/validator.c:1932:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:1951:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2078:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2103:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2128:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2151:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2731:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2755:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2781:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2808:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:2873:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (error);
data/spatialite-5.0.0/src/shapefiles/validator.c:2879:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (warning);
data/spatialite-5.0.0/src/shapefiles/validator.c:2885:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (extra);
data/spatialite-5.0.0/src/shapefiles/validator.c:2940:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3090:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/shapefiles/validator.c:3101:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3175:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3672:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3694:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3719:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/shapefiles/validator.c:3744:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/spatialite/create_routing.c:93:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errmsg);
data/spatialite-5.0.0/src/spatialite/create_routing.c:320:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:383:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:734:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:765:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_ins_nodes,
data/spatialite-5.0.0/src/spatialite/create_routing.c:798:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_ins_links,
data/spatialite-5.0.0/src/spatialite/create_routing.c:846:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from);
data/spatialite-5.0.0/src/spatialite/create_routing.c:883:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1129:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_ins_nodes, 2, from, strlen (from),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1159:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_ins_nodes, 2, to, strlen (to),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1196:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (from),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1208:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (to),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1239:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (to),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1252:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (from),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1284:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (from), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1295:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (to), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1372:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_update_nodes,
data/spatialite-5.0.0/src/spatialite/create_routing.c:1395:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_check_nodes,
data/spatialite-5.0.0/src/spatialite/create_routing.c:1476:7: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (mismatch)
data/spatialite-5.0.0/src/spatialite/create_routing.c:1506:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (code);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1654:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1669:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1684:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_sel_nodes,
data/spatialite-5.0.0/src/spatialite/create_routing.c:1702:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1717:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/spatialite/create_routing.c:1732:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_sel_nodes,
data/spatialite-5.0.0/src/spatialite/create_routing.c:1769:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (code), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1790:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (code), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/create_routing.c:1918:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (input_table) + 1;
data/spatialite-5.0.0/src/spatialite/create_routing.c:1926:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from_column) + 1;
data/spatialite-5.0.0/src/spatialite/create_routing.c:1934:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to_column) + 1;
data/spatialite-5.0.0/src/spatialite/create_routing.c:1945:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (geom_column) + 1;
data/spatialite-5.0.0/src/spatialite/create_routing.c:1957:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name_column) + 1;
data/spatialite-5.0.0/src/spatialite/create_routing.c:2111:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2136:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_from, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2151:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_to, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2428:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2440:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (geom);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2750:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_q1, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2764:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_ins, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2780:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_q2, NULL);
data/spatialite-5.0.0/src/spatialite/create_routing.c:2803:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db_handle, sql, strlen (sql), &stmt_upd, NULL);
data/spatialite-5.0.0/src/spatialite/extra_tables.c:162:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:175:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_del, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/extra_tables.c:176:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_del, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/extra_tables.c:198:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_out, 1, table, strlen (table),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:200:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_out, 2, column, strlen (column),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:272:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:284:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:297:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:408:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:456:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:504:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:550:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:591:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:613:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_out, 1, table, strlen (table),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:705:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/extra_tables.c:717:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/mbrcache.c:510:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/mbrcache.c:906:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (vtable);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:915:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:924:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:932:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:935:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column);
data/spatialite-5.0.0/src/spatialite/mbrcache.c:1338:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, envelope, strlen (envelope),
data/spatialite-5.0.0/src/spatialite/metatables.c:205:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:213:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:217:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, geom, strlen (geom), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:218:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, operation, strlen (operation), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:3041:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:3673:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:3759:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:3770:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:3771:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:3981:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_table);
data/spatialite-5.0.0/src/spatialite/metatables.c:3984:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_column);
data/spatialite-5.0.0/src/spatialite/metatables.c:4717:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:4728:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:4729:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:4830:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_table);
data/spatialite-5.0.0/src/spatialite/metatables.c:4833:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_column);
data/spatialite-5.0.0/src/spatialite/metatables.c:5370:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:5381:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:5408:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:5477:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:5488:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/metatables.c:5518:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/metatables.c:5601:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column_name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5653:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table_name);
data/spatialite-5.0.0/src/spatialite/metatables.c:5656:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (geometry_column);
data/spatialite-5.0.0/src/spatialite/metatables.c:5882:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6053:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6113:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6190:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6256:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6404:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6583:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6725:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6856:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/metatables.c:6978:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:96:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:105:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, xlink_href, strlen (xlink_href), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:175:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:191:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, title, strlen (title),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:193:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:195:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, file_name, strlen (file_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:197:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, xlink_href, strlen (xlink_href),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:204:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, xlink_href, strlen (xlink_href),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:214:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, xlink_href, strlen (xlink_href),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:217:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, title, strlen (title),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:219:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:221:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, file_name, strlen (file_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:227:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, xlink_href, strlen (xlink_href),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:263:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:272:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, xlink_href, strlen (xlink_href), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:297:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:336:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:381:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:394:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:423:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:463:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:472:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:505:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:572:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:585:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:658:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:695:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:735:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:744:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, style_name, strlen (style_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:781:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:830:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:839:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, style_name, strlen (style_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:859:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:900:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:909:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:933:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:964:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1047:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1172:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1181:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1216:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1225:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1227:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, style_name, strlen (style_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1262:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1271:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1332:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1374:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1410:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1445:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1494:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1503:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, style_name, strlen (style_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1523:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1562:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1642:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1682:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1691:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, style_name, strlen (style_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1728:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1802:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1811:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1887:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1896:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1931:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1940:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1942:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, style_name, strlen (style_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1977:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:1986:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2056:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2065:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2067:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, f_table_name, strlen (f_table_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2070:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (f_geometry_column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2071:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2072:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2101:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2110:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2112:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, f_table_name, strlen (f_table_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2115:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (f_geometry_column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2160:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2169:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2171:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, view_name, strlen (view_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2174:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (view_geometry), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2175:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2176:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2205:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2214:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2216:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, view_name, strlen (view_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2219:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (view_geometry), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2263:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2272:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2274:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, virt_name, strlen (virt_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2277:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (virt_geometry), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2278:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2279:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2306:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2315:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2317:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, virt_name, strlen (virt_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2320:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (virt_geometry), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2397:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2406:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2408:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, f_table_name, strlen (f_table_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2411:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (f_geometry_column), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2412:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, topogeo_name, strlen (topogeo_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2414:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2415:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 6, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2444:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2453:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2455:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, f_table_name, strlen (f_table_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2458:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (f_geometry_column), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2459:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, topogeo_name, strlen (topogeo_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2541:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2550:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2552:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, f_table_name, strlen (f_table_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2555:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (f_geometry_column), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2556:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, toponet_name, strlen (toponet_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2558:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2559:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 6, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2588:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2597:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2599:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, f_table_name, strlen (f_table_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2602:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (f_geometry_column), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2603:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, toponet_name, strlen (toponet_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2641:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2650:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2684:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2693:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2721:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2730:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2733:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, keyword, strlen (keyword), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2752:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2761:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2782:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2791:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2850:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2859:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, title, strlen (title),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2861:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2864:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (coverage_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2871:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2880:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, title, strlen (title),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2882:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2891:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (coverage_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2935:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2944:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, license, strlen (license), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2946:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (coverage_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2953:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2962:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, copyright, strlen (copyright),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2964:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2973:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2982:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, copyright, strlen (copyright),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2984:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, license, strlen (license), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:2986:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (coverage_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3014:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3023:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3155:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3208:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3217:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3263:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3272:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3303:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3312:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3352:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3361:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3363:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, keyword, strlen (keyword), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3403:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3412:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3414:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, keyword, strlen (keyword), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3466:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_upd_cvg, 9, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3480:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_null_srid, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3590:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_upd_cvg, 9, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3605:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_srid, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3681:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (coverage_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3732:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_srid, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3744:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_upd_cvg, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3755:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_null_srid, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3766:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_upd_srid, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3815:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3835:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3837:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3867:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_ext,
data/spatialite-5.0.0/src/spatialite/se_helpers.c:3979:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_virt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4073:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4082:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4115:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4124:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4175:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4184:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4212:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4221:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4262:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4271:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4302:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4311:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4351:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4360:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4362:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, keyword, strlen (keyword), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4402:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4411:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4413:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, keyword, strlen (keyword), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4439:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4448:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4450:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, keyword, strlen (keyword), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4497:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_upd_cvg, 9, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4511:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_null_srid, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4621:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_upd_cvg, 9, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4636:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_srid, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4712:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (coverage_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4762:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_srid, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4774:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_upd_cvg, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4785:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_null_srid, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4796:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_upd_srid, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4815:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4834:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, coverage_name, strlen (coverage_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4859:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt_ext,
data/spatialite-5.0.0/src/spatialite/se_helpers.c:4994:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5002:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, fileIdentifier, strlen (fileIdentifier),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5046:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5071:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5080:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, fileIdentifier, strlen (fileIdentifier),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5109:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5121:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, scope, strlen (scope), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5132:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, scope, strlen (scope), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5164:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5173:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5174:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5175:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5194:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5203:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5231:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5240:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5268:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5277:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5300:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5309:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5330:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5339:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5388:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5397:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5398:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5400:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5428:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5436:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5493:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5503:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, getmap_url, strlen (getmap_url),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5505:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5507:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5508:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5510:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 6, version, strlen (version), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5511:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 7, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5512:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 8, image_format, strlen (image_format),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5514:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 9, style, strlen (style), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5540:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 16, bgcolor, strlen (bgcolor),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5549:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (getfeatureinfo_url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5570:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5580:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, getmap_url, strlen (getmap_url),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5582:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5584:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, version, strlen (version), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5585:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5586:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 6, image_format, strlen (image_format),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5588:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 7, style, strlen (style), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5636:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5644:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5645:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5673:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5682:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5683:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5707:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5716:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5717:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5764:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5773:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5774:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, abstract, strlen (abstract),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5776:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5777:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5818:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5827:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, license, strlen (license), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5828:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5830:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5837:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5846:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, copyright, strlen (copyright),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5848:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5850:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5858:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5867:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, copyright, strlen (copyright),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5869:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, license, strlen (license), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5870:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5872:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5908:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5920:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, bgcolor, strlen (bgcolor),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5922:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5923:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5962:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5978:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (getfeatureinfo_url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5979:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:5980:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6020:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6035:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6036:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6076:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6101:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6102:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 6, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6132:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6141:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6142:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6178:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6187:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6188:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6189:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, key, strlen (key), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6190:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6206:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6215:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6216:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6217:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, key, strlen (key), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6218:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6242:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6252:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6253:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6254:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6282:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6291:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6292:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6293:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6309:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6318:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6319:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6320:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6337:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6347:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6348:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6349:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, layer_name, strlen (layer_name),
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6382:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6392:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, key, strlen (key), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6393:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6427:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6435:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6436:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6437:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, key, strlen (key), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6438:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6476:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6485:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6486:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6487:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, key, strlen (key), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6488:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6556:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6565:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6603:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6611:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6612:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6613:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6650:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6658:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6659:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6660:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, ref_sys, strlen (ref_sys), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6722:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6731:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, getmap_url, strlen (getmap_url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6732:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6816:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6825:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, getmap_url, strlen (getmap_url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6826:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, layer_name, strlen (layer_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6899:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6909:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (license_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6913:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6942:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6952:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (license_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6985:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6993:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, new_name, strlen (new_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:6994:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, old_name, strlen (old_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:7031:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:7039:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, url, strlen (url), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/se_helpers.c:7041:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (license_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:255:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen (z);
data/spatialite-5.0.0/src/spatialite/spatialite.c:306:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x.szSep = (int) strlen (x.zSep);
data/spatialite-5.0.0/src/spatialite/spatialite.c:416:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:499:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:517:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:538:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:566:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:744:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:767:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1485:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& *(rtree_table + strlen (rtree_table) - 1) == '"')
data/spatialite-5.0.0/src/spatialite/spatialite.c:1489:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (rtree_table);
data/spatialite-5.0.0/src/spatialite/spatialite.c:1594:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& *(rtree_table + strlen (rtree_table) - 1) == '"')
data/spatialite-5.0.0/src/spatialite/spatialite.c:1598:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (rtree_table);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2038:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (file == NULL || strlen (file) == 0)
data/spatialite-5.0.0/src/spatialite/spatialite.c:2417:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:2533:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3673:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3790:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:3982:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, spheroid, strlen (spheroid), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4010:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, prime_meridian, strlen (prime_meridian),
data/spatialite-5.0.0/src/spatialite/spatialite.c:4039:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, projection, strlen (projection), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4066:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, datum, strlen (datum), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4093:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, unit, strlen (unit), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4116:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, result, strlen (result), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4195:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:4228:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:4239:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4240:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4603:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4612:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4667:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:4891:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:4903:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, p_table, strlen (p_table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4904:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4928:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4939:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4940:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4956:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4967:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4968:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4984:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4995:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:4996:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5390:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql2, strlen (sql2), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5401:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5617:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:5630:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, p_table, strlen (p_table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5631:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5955:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:5965:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6136:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:6148:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6149:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6385:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:6397:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6398:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6422:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6432:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6433:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6449:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6459:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6460:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6476:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6486:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6487:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6619:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:6632:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ((const char *) table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:6634:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ((const char *) column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7257:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:7525:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:7561:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:7573:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->auth_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7575:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (first->srs_wkt) == 0)
data/spatialite-5.0.0/src/spatialite/spatialite.c:7582:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->srs_wkt), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7888:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, scope, strlen (scope), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:7962:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8007:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8036:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8073:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8205:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8332:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8389:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8431:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8569:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/spatialite.c:8656:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8878:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8889:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ((const char *) table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8943:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/spatialite.c:8953:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ((const char *) table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:9832:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (bgcolor);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10696:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, url, strlen (url), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:10830:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, url, strlen (url), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11603:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11611:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11619:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (xdummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11636:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (desc);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11644:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:11652:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (xdummy);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16932:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_dim);
data/spatialite-5.0.0/src/spatialite/spatialite.c:16940:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17036:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (gpb_type);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17145:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_type);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17153:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17234:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_type);
data/spatialite-5.0.0/src/spatialite/spatialite.c:17242:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_result);
data/spatialite-5.0.0/src/spatialite/spatialite.c:20958:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen (text) < 5) || (strlen (text) > 7))
data/spatialite-5.0.0/src/spatialite/spatialite.c:20958:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen (text) < 5) || (strlen (text) > 7))
data/spatialite-5.0.0/src/spatialite/spatialite.c:20963:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (text) == 5)
data/spatialite-5.0.0/src/spatialite/spatialite.c:20985:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (text) == 6)
data/spatialite-5.0.0/src/spatialite/spatialite.c:21023:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (text) == 7)
data/spatialite-5.0.0/src/spatialite/spatialite.c:23961:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:23981:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, path, strlen (path), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24009:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, path, strlen (path), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24047:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, proj_string, strlen (proj_string), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24133:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, wkt_expr, strlen (wkt_expr), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24300:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24323:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24346:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:24494:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/spatialite/spatialite.c:27748:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, matrix, strlen (matrix),
data/spatialite-5.0.0/src/spatialite/spatialite.c:31166:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31186:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:31238:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_error (context, msg, strlen (msg));
data/spatialite-5.0.0/src/spatialite/spatialite.c:32020:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (geo_hash);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32059:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32154:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (x3d);
data/spatialite-5.0.0/src/spatialite/spatialite.c:32908:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, message, strlen (message), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33487:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, txt, strlen (txt), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33513:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (txt);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33527:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, txt, strlen (txt), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33892:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, uuid, strlen (uuid), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/spatialite.c:33936:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, checksum, strlen (checksum), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34010:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, checksum, strlen (checksum), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34379:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, encoded, strlen (encoded), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34421:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, url, strlen (url), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34489:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, basename, strlen (basename), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34555:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, filename, strlen (filename), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34589:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, dir, strlen (dir), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34620:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, name, strlen (name), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34651:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, name, strlen (name), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34681:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, ext, strlen (ext), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:34711:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, clean, strlen (clean), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35705:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (mime);
data/spatialite-5.0.0/src/spatialite/spatialite.c:35737:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, mime, strlen (mime), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:36242:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (filename);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37134:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37211:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, path, strlen (path), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37417:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, varname, strlen (varname), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37471:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, varlist, strlen (varlist), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37490:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char mark_stop = *(name + strlen (name) - 1);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37673:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, var_arg, strlen (var_arg), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37734:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, sql, strlen (sql), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:37825:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, sql, strlen (sql), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38759:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, value, strlen (value), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:38792:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, value, strlen (value), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:39266:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, err_msg, strlen (err_msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:41603:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, dms, strlen (dms), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:43654:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((const char *) xml);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44114:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, schema_uri, strlen (schema_uri), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44143:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (file_identifier), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44172:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (parent_identifier), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44440:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, name, strlen (name), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44468:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, title, strlen (title), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44496:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, abstract, strlen (abstract), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44599:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, encoding, strlen (encoding), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44629:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, schema_uri, strlen (schema_uri), free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44648:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44667:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:44710:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, msg, strlen (msg), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46203:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, text, strlen (text), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46551:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, text, strlen (text), sqlite3_free);
data/spatialite-5.0.0/src/spatialite/spatialite.c:46943:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cache->lastPostgreSqlError),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47134:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "ROUND", strlen ("ROUND"),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47138:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "FLAT", strlen ("FLAT"),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47142:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "SQUARE", strlen ("SQUARE"),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47169:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "ROUND", strlen ("ROUND"),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47173:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "MITRE", strlen ("MITRE"),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47177:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, "BEVEL", strlen ("BEVEL"),
data/spatialite-5.0.0/src/spatialite/spatialite.c:47435:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((const char *) string);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:259:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:267:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (mux[2]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:281:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:293:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:330:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:337:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (mux[2]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:351:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:363:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (mux[1]);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:401:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:432:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:458:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:491:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:522:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:577:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:610:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:641:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:702:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:790:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:809:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (spheroid);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:823:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:853:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:984:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1003:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (prime_meridian);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1017:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1047:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1162:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1181:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (projection);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1195:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1225:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1372:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1391:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (datum);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1405:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1435:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1541:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1560:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (unit);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1574:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1604:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1683:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1702:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (unit);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1716:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1777:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj4text);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1886:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (iter->proj4text);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1948:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (srtext);
data/spatialite-5.0.0/src/spatialite/srid_aux.c:1992:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (auth);
data/spatialite-5.0.0/src/spatialite/statistics.c:128:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:135:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:136:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:195:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:201:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:202:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:250:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:257:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:258:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:317:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:324:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:325:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:373:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:380:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:381:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:440:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:447:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:448:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:514:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/spatialite-5.0.0/src/spatialite/statistics.c:642:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:651:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:652:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:654:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, p->col_name, strlen (p->col_name),
data/spatialite-5.0.0/src/spatialite/statistics.c:732:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:741:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:742:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:744:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, p->col_name, strlen (p->col_name),
data/spatialite-5.0.0/src/spatialite/statistics.c:822:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/statistics.c:831:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, table, strlen (table), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:832:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, column, strlen (column), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/statistics.c:834:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, p->col_name, strlen (p->col_name),
data/spatialite-5.0.0/src/spatialite/statistics.c:1027:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p->col_name);
data/spatialite-5.0.0/src/spatialite/statistics.c:1279:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/statistics.c:1950:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (cvg);
data/spatialite-5.0.0/src/spatialite/statistics.c:5057:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:631:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (create_sql);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1032:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (cloner->sqlite, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1117:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (cloner->sqlite, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1279:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1282:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (sql);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1303:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1306:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1349:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (references);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1357:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (on_update);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1363:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (on_delete);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1369:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (match);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1408:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1430:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1433:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (type);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1441:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (deflt);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:1689:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (create_sql);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2132:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (db_prefix);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2135:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (in_table);
data/spatialite-5.0.0/src/spatialite/table_cloner.c:2138:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (out_table);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:141:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pPath);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:147:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:282:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (cell.value.text_value);
data/spatialite-5.0.0/src/spatialite/virtualXL.c:487:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (buf); i++)
data/spatialite-5.0.0/src/spatialite/virtualXL.c:848:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cell.value.text_value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:526:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:558:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:586:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_type);
data/spatialite-5.0.0/src/spatialite/virtualbbox.c:776:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:113:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (buf);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:165:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pPath);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:171:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:177:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pEncoding);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:184:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (encoding);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:194:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:201:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:526:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (buf); i++)
data/spatialite-5.0.0/src/spatialite/virtualdbf.c:888:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (pFld->Value->TxtValue),
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:158:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:194:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (db_prefix);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:782:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (elem->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:925:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->db_prefix), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:934:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->f_table_name),
data/spatialite-5.0.0/src/spatialite/virtualelementary.c:944:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->f_geometry_column),
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:891:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:904:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:914:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1138:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, " ");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1152:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1360:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (wkt);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1782:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (db_prefix);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1785:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1814:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1817:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_type);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1863:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:1898:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/spatialite-5.0.0/src/spatialite/virtualfdo.c:2023:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:125:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen (buf); i++)
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:199:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:339:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stack->key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:347:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stack->value);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:359:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stack->numvalue);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:642:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (parent_key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:797:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc (parser->in)) != EOF)
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:958:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *end_p = buf + strlen (buf);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1003:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stack->key);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1020:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stack->value);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1091:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stack->numvalue);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:1542:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2283:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pPath);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2289:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2303:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2310:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2343:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2680:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2685:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, argv[2], strlen (argv[2]), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2750:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (p_vt->db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2755:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, p_vt->TableName, strlen (p_vt->TableName),
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:2891:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (buf); i++)
data/spatialite-5.0.0/src/spatialite/virtualgeojson.c:3297:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (prop->txt_value), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:319:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:332:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:352:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:419:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, " ");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:439:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:618:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (db_prefix);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:621:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:647:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:650:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_type);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:678:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:773:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/spatialite-5.0.0/src/spatialite/virtualgpkg.c:905:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:338:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen (table);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:341:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen (column);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:392:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:422:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:501:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:574:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:621:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:692:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:739:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (tn);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1451:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1467:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1476:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1484:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1494:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1521:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1546:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1591:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (knn->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1721:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ctx->table_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualknn.c:1727:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ctx->column_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:980:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1003:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from_code);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1010:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to_code);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1025:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1159:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt,
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1421:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (pA->Name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1449:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1650:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1653:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1656:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1659:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (geom);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1674:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1780:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (code);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:1865:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2453:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, algorithm, strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2466:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->solution->From->Code),
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2476:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row_node->Node->Code),
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2524:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2545:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->solution->From->
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2557:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->solution->To->
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2602:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2615:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->Arc->NodeFrom->
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2626:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->Arc->NodeTo->Code),
data/spatialite-5.0.0/src/spatialite/virtualnetwork.c:2646:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->Name),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:795:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:822:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from_code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:829:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to_code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:894:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1179:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (sql_statement.Buffer), &stmt,
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1371:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (pA->Name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1429:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (pA->Name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:1889:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:2958:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3536:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3563:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3689:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:3699:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4343:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (destination->Code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4984:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4987:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (from);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4990:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (to);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:4993:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (geom);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5008:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5116:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (code);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5204:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5316:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (node_from);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5319:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (node_to);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5483:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5697:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5774:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5880:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:5955:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6082:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (node);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6142:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (node);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6271:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6509:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6887:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen (p_node_to->codNode);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:6938:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen (p2p->toCandidate->codNodeFrom);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8014:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, algorithm, strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8024:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, algorithm, strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8034:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, algorithm, strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8052:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, delimiter, strlen (delimiter),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8069:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, role, strlen (role), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8082:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->pVtab->multiSolution->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8097:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row_node->Node->Code),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8182:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8197:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8214:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8232:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (delimiter), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8260:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8275:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8292:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8310:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (delimiter), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8329:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, role, strlen (role),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8344:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->Undefined),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8353:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->From->Code),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8364:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->Undefined),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8423:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8438:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8455:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8473:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (delimiter), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8498:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, role, strlen (role),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8518:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->From->Code),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8528:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->To->Code), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8612:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, role, strlen (role),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8626:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Link->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8639:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Link->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8675:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Name),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8705:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8719:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8742:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (algorithm),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8764:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (delimiter),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8793:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, role, strlen (role),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8815:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8834:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8915:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Name),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8961:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, role, strlen (role),
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8975:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Link->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:8988:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Link->
data/spatialite-5.0.0/src/spatialite/virtualrouting.c:9009:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (row->linkRef->Name),
data/spatialite-5.0.0/src/spatialite/virtualshape.c:175:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (buf);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:231:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pPath);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:237:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:243:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pEncoding);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:250:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (encoding);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:263:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:270:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ColnameCase);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:301:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (argv[2]);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:645:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:650:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, argv[2], strlen (argv[2]), SQLITE_STATIC);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:718:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (p_vt->db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualshape.c:723:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, p_vt->TableName, strlen (p_vt->TableName),
data/spatialite-5.0.0/src/spatialite/virtualshape.c:878:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (buf); i++)
data/spatialite-5.0.0/src/spatialite/virtualshape.c:1246:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (pFld->Value->TxtValue),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:154:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:184:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:268:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:344:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:391:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:472:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:523:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (tn);
data/spatialite-5.0.0/src/spatialite/virtualspatialindex.c:827:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (spidx->db, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:193:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (prefix);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:197:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (href);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:744:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (cursor->pVtab->db, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:804:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (exp);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:1016:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (xParent), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:1024:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (xNode), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:1032:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (xAttribute), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:1040:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (xValue), SQLITE_TRANSIENT);
data/spatialite-5.0.0/src/spatialite/virtualxpath.c:1044:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (cursor->xpathExpr), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:90:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:93:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:116:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (wkt);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:137:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc (fl_epsg)) != EOF)
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:147:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (line);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:189:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (line);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:220:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (line);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg.c:246:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc (fl_wkt)) != EOF)
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:126:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:129:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:132:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (srtext);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:135:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (unit);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:138:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (axis_1);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:141:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (orientation_1);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:144:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (axis_2);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:147:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (orientation_2);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:150:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (spheroid);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:153:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (prime_meridian);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:156:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (datum);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:159:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (projection);
data/spatialite-5.0.0/src/srsinit/epsg_update/auto_epsg_ext.c:212:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc (fl_epsg)) != EOF)
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:53:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:81:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc (in)) != EOF)
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:127:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (crs->proj4text);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:204:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (proj4) > 0)
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal-proj6.c:207:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (proj4);
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal.c:97:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (proj4) > 0)
data/spatialite-5.0.0/src/srsinit/epsg_update/epsg_from_gdal.c:100:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (proj4);
data/spatialite-5.0.0/src/srsinit/srs_init.c:119:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (auth_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:130:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ref_sys_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:200:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (auth_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:211:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (ref_sys_name);
data/spatialite-5.0.0/src/srsinit/srs_init.c:224:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (spheroid);
data/spatialite-5.0.0/src/srsinit/srs_init.c:232:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (prime_meridian);
data/spatialite-5.0.0/src/srsinit/srs_init.c:240:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (datum);
data/spatialite-5.0.0/src/srsinit/srs_init.c:248:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (projection);
data/spatialite-5.0.0/src/srsinit/srs_init.c:256:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (unit);
data/spatialite-5.0.0/src/srsinit/srs_init.c:264:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (axis_1);
data/spatialite-5.0.0/src/srsinit/srs_init.c:272:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (orientation_1);
data/spatialite-5.0.0/src/srsinit/srs_init.c:280:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (axis_2);
data/spatialite-5.0.0/src/srsinit/srs_init.c:288:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (orientation_2);
data/spatialite-5.0.0/src/srsinit/srs_init.c:314:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:325:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
olen = strlen (p->proj4text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:344:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (text);
data/spatialite-5.0.0/src/srsinit/srs_init.c:355:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
olen = strlen (p->srs_wkt);
data/spatialite-5.0.0/src/srsinit/srs_init.c:466:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/srsinit/srs_init.c:484:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_aux, NULL);
data/spatialite-5.0.0/src/srsinit/srs_init.c:501:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, p->auth_name, strlen (p->auth_name),
data/spatialite-5.0.0/src/srsinit/srs_init.c:504:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 4, p->ref_sys_name, strlen (p->ref_sys_name),
data/spatialite-5.0.0/src/srsinit/srs_init.c:506:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, p->proj4text, strlen (p->proj4text),
data/spatialite-5.0.0/src/srsinit/srs_init.c:511:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p->srs_wkt) == 0)
data/spatialite-5.0.0/src/srsinit/srs_init.c:514:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 6, p->srs_wkt, strlen (p->srs_wkt),
data/spatialite-5.0.0/src/srsinit/srs_init.c:552:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->spheroid), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:560:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->prime_meridian),
data/spatialite-5.0.0/src/srsinit/srs_init.c:569:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->datum), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:577:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->projection), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:584:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_aux, 8, p->unit, strlen (p->unit),
data/spatialite-5.0.0/src/srsinit/srs_init.c:593:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->axis_1), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:601:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->orientation_1),
data/spatialite-5.0.0/src/srsinit/srs_init.c:610:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->axis_2), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:618:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (p->orientation_2),
data/spatialite-5.0.0/src/srsinit/srs_init.c:924:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/srsinit/srs_init.c:941:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_aux, NULL);
data/spatialite-5.0.0/src/srsinit/srs_init.c:954:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, first->auth_name, strlen (first->auth_name),
data/spatialite-5.0.0/src/srsinit/srs_init.c:958:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->ref_sys_name), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:959:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 5, first->proj4text, strlen (first->proj4text),
data/spatialite-5.0.0/src/srsinit/srs_init.c:964:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (first->srs_wkt) == 0)
data/spatialite-5.0.0/src/srsinit/srs_init.c:968:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->srs_wkt), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1006:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->spheroid), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1014:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->prime_meridian),
data/spatialite-5.0.0/src/srsinit/srs_init.c:1023:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->datum), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1031:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->projection), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1039:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->unit), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1047:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->axis_1), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1055:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->orientation_1),
data/spatialite-5.0.0/src/srsinit/srs_init.c:1064:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->axis_2), SQLITE_STATIC);
data/spatialite-5.0.0/src/srsinit/srs_init.c:1072:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (first->orientation_2),
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:123:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errmsg);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:204:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 1; i < (int) strlen (str); i++)
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:216:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (end + 1 >= (int) strlen (str))
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:223:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen (str + start);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:400:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen (item->varname) + 7;
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:455:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (xsql);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:477:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (sql);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:539:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sql_len = strlen (sql);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:559:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (item->varname);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:943:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:949:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, varname, strlen (varname), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:982:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen (var->Value);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:991:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (stored_var);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1036:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (raw);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1054:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_size = strlen (raw);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1059:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_size -= (strlen (item->varname) + 2) * item->count;
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1130:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (k = 0; k < (int) strlen (replacement_value); k++)
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1331:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1343:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1344:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1375:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1387:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1424:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1436:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1466:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1478:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1479:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1510:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1523:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1553:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1565:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1566:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1567:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 3, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1596:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1608:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1633:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_value = malloc (strlen (var_with_val) + 1);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1657:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1669:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1699:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1711:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, title, strlen (title), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1712:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1742:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1754:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, value, strlen (value), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1755:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, name, strlen (name), SQLITE_STATIC);
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1835:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen (buffer) - 1; i > 0; i--)
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:1847:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (buffer, "0");
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2014:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (db_path) > 0)
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2208:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (pSql) == 0)
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2211:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, pSql, strlen (pSql), &stmt,
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2257:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line = do_title_bar (strlen (nm));
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2265:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line = do_title_bar (strlen (nm));
data/spatialite-5.0.0/src/stored_procedures/stored_procedures.c:2465:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (filepath);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1166:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1194:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xnetwork_name = malloc (strlen (str) + 1);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1512:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:1965:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2049:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2138:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2236:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2320:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2412:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2505:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2595:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2791:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:2894:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:3063:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:3088:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:3338:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:3355:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_out, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:3962:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, select, strlen (select), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:3978:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, insert, strlen (insert), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4002:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_seed_link,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4025:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_node,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4054:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt_link,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4122:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (direction, "?");
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4314:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (network->db_handle, sql, strlen (sql), &stmt_links,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4357:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (network->db_handle, sql, strlen (sql), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4389:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (network->db_handle, sql, strlen (sql), &stmt_rev,
data/spatialite-5.0.0/src/topology/gaia_auxnet.c:4407:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (network->db_handle, sql, strlen (sql), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2110:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2137:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xtopology_name = malloc (strlen (str) + 1);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2579:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2899:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2971:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:2996:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3056:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3124:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3148:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3661:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3697:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3866:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:3962:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4049:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4148:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4243:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4336:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4431:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4661:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4683:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4705:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_rtree,
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4879:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:4987:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo.c:5144:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:133:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:254:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:353:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_dustbin, 2, message, strlen (message),
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:575:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql_in, strlen (sql_in), &stmt,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:588:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql_out, strlen (sql_out),
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:601:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql_in2, strlen (sql_in2),
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:691:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql_in, strlen (sql_in), &stmt,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:705:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql_out, strlen (sql_out),
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:719:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql_in2, strlen (sql_in2),
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:804:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:951:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1070:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1096:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1183:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1216:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1446:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_snap,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1467:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1623:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_snap,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:1644:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2736:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, select, strlen (select), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2752:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, insert, strlen (insert), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2776:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_seed_edge,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2799:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_seed_face,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2822:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_node,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2849:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_edge,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:2878:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_face,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3054:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_face,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3078:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_edge,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3097:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_rem,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3616:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_holes,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3659:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3692:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_rev,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:3711:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4055:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (direction, "?");
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4108:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt_ins, 4, matrix, strlen (matrix),
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4241:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_edges,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4280:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:4299:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5605:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, select, strlen (select), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5621:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, insert, strlen (insert), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5645:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_rels,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5669:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_edge,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5692:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_face,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5715:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_node,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5897:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, select, strlen (select), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5913:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, insert, strlen (insert), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:5970:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6038:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6295:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
geometry_name = malloc (strlen ("geometry") + 1);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6306:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
geometry_name = malloc (strlen (dummy) + 1);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6896:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, select, strlen (select), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6912:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, insert, strlen (insert), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6934:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_rels,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6956:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_node,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:6977:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_edge,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7000:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_face,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7226:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
geometry_name = malloc (strlen ("geometry") + 1);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7237:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
geometry_name = malloc (strlen (dummy) + 1);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7444:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, select, strlen (select), &stmt_ref,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7460:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, insert, strlen (insert), &stmt_ins,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7481:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_rels,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7503:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_node,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7524:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_edge,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7547:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_face,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7851:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, select, strlen (select), &stmt_in,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7867:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, insert, strlen (insert), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:7980:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt1, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:8006:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt2, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:8022:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt3, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:8261:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt1, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:8278:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt2, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:8473:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_in, NULL);
data/spatialite-5.0.0/src/topology/gaia_auxtopo_table.c:8490:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:98:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:137:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:172:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:207:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:239:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:276:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:305:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:334:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_netstmts.c:366:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (net->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_network.c:665:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_network.c:781:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_network.c:1075:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_network.c:1191:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_network.c:2916:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table_name);
data/spatialite-5.0.0/src/topology/gaia_network.c:2921:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column_name);
data/spatialite-5.0.0/src/topology/gaia_network.c:3616:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net_out->db_handle, sql, strlen (sql), &stmt_in,
data/spatialite-5.0.0/src/topology/gaia_network.c:3634:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net_out->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_network.c:3729:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net_out->db_handle, sql, strlen (sql), &stmt_in,
data/spatialite-5.0.0/src/topology/gaia_network.c:3749:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (net_out->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_network.c:3872:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_network.c:3900:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xnetwork_name = malloc (strlen (str) + 1);
data/spatialite-5.0.0/src/topology/gaia_topology.c:155:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/topology/gaia_topology.c:158:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (type);
data/spatialite-5.0.0/src/topology/gaia_topology.c:784:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:886:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1108:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:1381:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, newpos, strlen (newpos), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3110:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, retlist, strlen (retlist), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3290:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, retlist, strlen (retlist), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3546:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (context, retlist, strlen (retlist), sqlite3_free);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3920:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (table_name);
data/spatialite-5.0.0/src/topology/gaia_topology.c:3925:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (column_name);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7455:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo_out->db_handle, sql, strlen (sql), &stmt_in,
data/spatialite-5.0.0/src/topology/gaia_topology.c:7474:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo_out->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_topology.c:7569:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo_out->db_handle, sql, strlen (sql), &stmt_in,
data/spatialite-5.0.0/src/topology/gaia_topology.c:7589:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo_out->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_topology.c:7690:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo_out->db_handle, sql, strlen (sql), &stmt_in,
data/spatialite-5.0.0/src/topology/gaia_topology.c:7711:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (topo_out->db_handle, sql, strlen (sql), &stmt_out,
data/spatialite-5.0.0/src/topology/gaia_topology.c:7854:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topology.c:7881:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xtopology_name = malloc (strlen (str) + 1);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8732:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8888:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xreftable = malloc (strlen (ref_table) + 1);
data/spatialite-5.0.0/src/topology/gaia_topology.c:8890:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xrefcolumn = malloc (strlen (ref_column) + 1);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:108:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:145:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:180:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:217:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:254:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:290:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:324:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:355:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:393:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:422:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:451:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:492:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:527:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:562:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:594:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:626:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/gaia_topostmts.c:661:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (topo->db_handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/src/topology/lwn_network.c:412:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (message);
data/spatialite-5.0.0/src/topology/net_callbacks.c:850:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/net_callbacks.c:1007:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt_aux,
data/spatialite-5.0.0/src/topology/net_callbacks.c:1124:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/net_callbacks.c:1401:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/topology/net_callbacks.c:1622:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/net_callbacks.c:1777:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/net_callbacks.c:2060:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/topology/net_callbacks.c:2155:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt_aux,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:1552:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt_aux,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:1677:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:1952:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:2089:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:2777:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:3023:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt_aux,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:3363:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:3487:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:3665:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:4096:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:4366:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:4918:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:5150:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql),
data/spatialite-5.0.0/src/topology/topo_callbacks.c:5327:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt_aux,
data/spatialite-5.0.0/src/topology/topo_callbacks.c:5493:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (accessor->db_handle, sql, strlen (sql), &stmt,
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:117:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:138:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (value);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:191:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pPath);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:197:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (path);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:203:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pEncoding);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:210:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (encoding);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:238:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (argv[8]) == 3)
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:308:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (dummyName);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:319:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (sql, ")");
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:488:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (buf); i++)
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:883:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_result_text (pContext, value, strlen (value),
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1301:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (string);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1332:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1354:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1474:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (txt->field_buffer) == 0)
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1632:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c1 = getc (txt->text_file);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1633:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c2 = getc (txt->text_file);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1634:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c3 = getc (txt->text_file);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1646:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc (txt->text_file);
data/spatialite-5.0.0/src/virtualtext/virtualtext.c:1918:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str);
data/spatialite-5.0.0/src/wfs/wfs_in.c:204:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:231:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:323:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (layer_name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:456:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (srs_name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:469:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (keyword);
data/spatialite-5.0.0/src/wfs/wfs_in.c:482:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (name);
data/spatialite-5.0.0/src/wfs/wfs_in.c:489:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (title);
data/spatialite-5.0.0/src/wfs/wfs_in.c:497:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (abstract);
data/spatialite-5.0.0/src/wfs/wfs_in.c:830:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (version);
data/spatialite-5.0.0/src/wfs/wfs_in.c:846:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/wfs/wfs_in.c:849:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (ptr->request_url); i++)
data/spatialite-5.0.0/src/wfs/wfs_in.c:855:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (ptr->request_url, "?");
data/spatialite-5.0.0/src/wfs/wfs_in.c:869:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/wfs/wfs_in.c:872:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int) strlen (ptr->describe_url); i++)
data/spatialite-5.0.0/src/wfs/wfs_in.c:878:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (ptr->describe_url, "?");
data/spatialite-5.0.0/src/wfs/wfs_in.c:940:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) (node->content));
data/spatialite-5.0.0/src/wfs/wfs_in.c:958:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (p_base);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1300:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errBuf.Buffer);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1315:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1854:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (col->pValue), SQLITE_STATIC);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1925:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (err);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1946:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (col->pValue);
data/spatialite-5.0.0/src/wfs/wfs_in.c:1970:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (geo->geometry_value);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2111:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) (node->content));
data/spatialite-5.0.0/src/wfs/wfs_in.c:2316:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (pk_column_name) >= sizeof (auto_pk_name) - 1)
data/spatialite-5.0.0/src/wfs/wfs_in.c:2404:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2457:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2481:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2557:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (sqlite, sql.Buffer, strlen (sql.Buffer), &stmt,
data/spatialite-5.0.0/src/wfs/wfs_in.c:2567:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:2585:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errMsg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3495:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errBuf.Buffer);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3507:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (alt_describe_uri);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3524:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3572:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (err);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3694:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (in);
data/spatialite-5.0.0/src/wfs/wfs_in.c:3729:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen ((const char *) (node->content));
data/spatialite-5.0.0/src/wfs/wfs_in.c:4165:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (errBuf.Buffer);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4455:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4508:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4700:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4720:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/src/wfs/wfs_in.c:4898:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/spatialite-5.0.0/test/check_bufovflw.c:1126:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1181:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1236:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1291:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1344:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1399:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1454:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1509:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1563:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1621:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_bufovflw.c:1680:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_clone_table.c:68:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_control_points.c:62:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_createBaseTables.c:105:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("PRAGMA application_id"), &stmt, NULL);
data/spatialite-5.0.0/test/check_cutter.c:68:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_cutter.c:103:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_extension.c:141:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (results[1]) == 0)
data/spatialite-5.0.0/test/check_extension.c:177:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (results[1]) == 0)
data/spatialite-5.0.0/test/check_extension.c:233:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (results[1]) == 0)
data/spatialite-5.0.0/test/check_extension.c:269:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (results[1]) == 0)
data/spatialite-5.0.0/test/check_extension.c:305:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (results[1]) == 0)
data/spatialite-5.0.0/test/check_gaia_utf8.c:94:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gaiaConvertToUTF8 (converter, "Hello world", strlen ("Hello world"),
data/spatialite-5.0.0/test/check_gaia_utf8.c:96:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp ("Hello world", test_str1, strlen ("Hello world") + 1) != 0)
data/spatialite-5.0.0/test/check_gaia_utf8.c:110:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gaiaConvertToUTF8 (converter, "Hello world", strlen ("Hello world"),
data/spatialite-5.0.0/test/check_gpkgGetImageFormat.c:113:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_nonblob.c:82:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_nonimage.c:83:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_png.c:113:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_tiff.c:113:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgGetImageFormat_webp.c:113:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgInsertEpsgSRID.c:113:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkgVirtual.c:78:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_gpkgVirtual.c:270:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_gpkg_base_core_container_data_file_format_application_id.c:101:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("PRAGMA application_id"), &stmt, NULL);
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:145:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:168:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("("));
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:188:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp (token, "CONSTRAINT", strlen ("CONSTRAINT")) ==
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:266:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen (token) + strlen (",") + strlen (nexttoken) +
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:266:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen (token) + strlen (",") + strlen (nexttoken) +
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:266:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen (token) + strlen (",") + strlen (nexttoken) +
data/spatialite-5.0.0/test/check_gpkg_base_core_contents_data_table_def.c:269:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (fulltoken, ",");
data/spatialite-5.0.0/test/check_gpkg_base_core_spatial_ref_sys_data_table_def.c:125:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkg_base_core_spatial_ref_sys_data_table_def.c:148:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("("));
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:141:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:164:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("("));
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:182:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp (token, "CONSTRAINT", strlen ("CONSTRAINT")) == 0)
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:188:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen (token) + strlen (",") +
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:188:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen (token) + strlen (",") +
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:189:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (nexttoken1) + strlen (",") +
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:189:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (nexttoken1) + strlen (",") +
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:190:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (nexttoken2) + 1);
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:192:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (fulltoken, ",");
data/spatialite-5.0.0/test/check_gpkg_opt_extension_mechanism_extensions_data_table_def.c:194:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (fulltoken, ",");
data/spatialite-5.0.0/test/check_libxml2.c:511:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
formatted_txt_sz = strlen (txt);
data/spatialite-5.0.0/test/check_map_config.c:63:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_multithread.c:236:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_read = strlen (tmp_line);
data/spatialite-5.0.0/test/check_multithread.c:274:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int result_len = strlen (expected_result);
data/spatialite-5.0.0/test/check_multithread.c:708:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data->expected_precision[i] = strlen (results[i]);
data/spatialite-5.0.0/test/check_multithread.c:727:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen (results[i]) == 0)
data/spatialite-5.0.0/test/check_sql_stmt.h:129:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (database_name);
data/spatialite-5.0.0/test/check_sql_stmt.h:161:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp (pth1, pth2, strlen (pth2) - 3) == 0)
data/spatialite-5.0.0/test/check_sql_stmt.h:202:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
("_RO", data->database_name + strlen (data->database_name) - 3,
data/spatialite-5.0.0/test/check_sql_stmt.h:203:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("_RO")) == 0)
data/spatialite-5.0.0/test/check_sql_stmt.h:227:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
("_RO", data->database_name + strlen (data->database_name) - 3,
data/spatialite-5.0.0/test/check_sql_stmt.h:228:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("_RO")) == 0)
data/spatialite-5.0.0/test/check_sql_stmt.h:337:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data->expected_precision[i] = strlen (results[i]);
data/spatialite-5.0.0/test/check_sql_stmt.h:355:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen (results[i]) == 0)
data/spatialite-5.0.0/test/check_sql_stmt.h:401:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_read = strlen (tmp_line);
data/spatialite-5.0.0/test/check_sql_stmt.h:439:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int result_len = strlen (expected_result);
data/spatialite-5.0.0/test/check_srid_fncts.c:67:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_styling.c:64:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_tempgeom.c:259:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_virtualelem.c:110:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_virtualknn.c:108:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_virtualknn.c:376:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (sqlite, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/check_virtualxpath.c:101:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, path, strlen (path), SQLITE_STATIC);
data/spatialite-5.0.0/test/check_virtualxpath.c:152:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_prepare_v2 (db_handle, sql_statement, strlen (sql_statement),
data/spatialite-5.0.0/test/routing_test.c:525:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/routing_test.c:594:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/routing_test.c:675:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ind = strlen (base_name) - 4;
data/spatialite-5.0.0/test/routing_test.c:695:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, list_ids, strlen (list_ids),
data/spatialite-5.0.0/test/routing_test.c:703:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, list_ids, strlen (list_ids),
data/spatialite-5.0.0/test/routing_test.c:718:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, list_codes, strlen (list_codes),
data/spatialite-5.0.0/test/routing_test.c:727:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, list_codes, strlen (list_codes),
data/spatialite-5.0.0/test/routing_test.c:757:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ind = strlen (base_name) - 4;
data/spatialite-5.0.0/test/routing_test.c:852:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/routing_test.c:907:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt, NULL);
data/spatialite-5.0.0/test/routing_test.c:915:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, data_name, strlen (data_name),
data/spatialite-5.0.0/test/routing_test.c:918:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 2, base_name, strlen (base_name), SQLITE_STATIC);
data/spatialite-5.0.0/test/routing_test.c:991:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_alg, NULL);
data/spatialite-5.0.0/test/routing_test.c:994:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_req, NULL);
data/spatialite-5.0.0/test/routing_test.c:997:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_opt, NULL);
data/spatialite-5.0.0/test/routing_test.c:1004:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_tsp_1, NULL);
data/spatialite-5.0.0/test/routing_test.c:1015:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_tsp_2, NULL);
data/spatialite-5.0.0/test/routing_test.c:1028:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_rng_1, NULL);
data/spatialite-5.0.0/test/routing_test.c:1039:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_rng_2, NULL);
data/spatialite-5.0.0/test/routing_test.c:1054:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_p2p_1, NULL);
data/spatialite-5.0.0/test/routing_test.c:1067:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (handle, sql, strlen (sql), &stmt_p2p_2, NULL);
data/spatialite-5.0.0/test/scandir4win.h:66:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen (dirname);
data/spatialite-5.0.0/test/scandir4win.h:73:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (path, "\\");
data/spatialite-5.0.0/test/scandir4win.h:104:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (d.d_name, wfd.cFileName, sizeof d.d_name);
data/spatialite-5.0.0/test/scandir4win.h:106:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d.d_namlen = strlen (wfd.cFileName);
data/spatialite-5.0.0/test/test_helpers.h:19:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = strlen (needle);
data/spatialite-5.0.0/test/test_helpers.h:20:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int hlen = strlen (haystack) - nlen + 1;
ANALYSIS SUMMARY:
Hits = 6580
Lines analyzed = 653471 in approximately 21.05 seconds (31038 lines/second)
Physical Source Lines of Code (SLOC) = 574430
Hits@level = [0] 8052 [1] 2018 [2] 3837 [3] 36 [4] 689 [5] 0
Hits@level+ = [0+] 14632 [1+] 6580 [2+] 4562 [3+] 725 [4+] 689 [5+] 0
Hits/KSLOC@level+ = [0+] 25.4722 [1+] 11.4548 [2+] 7.94179 [3+] 1.26212 [4+] 1.19945 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.