Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/starlink-ast-9.2.3+dfsg/wcslib/proj.h
Examining data/starlink-ast-9.2.3+dfsg/wcslib/wcsmath.h
Examining data/starlink-ast-9.2.3+dfsg/wcslib/proj.c
Examining data/starlink-ast-9.2.3+dfsg/wcslib/wcstrig.h
Examining data/starlink-ast-9.2.3+dfsg/wcslib/tpn.c
Examining data/starlink-ast-9.2.3+dfsg/wcslib/wcstrig.c
Examining data/starlink-ast-9.2.3+dfsg/src/ffluxframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/timemap.h
Examining data/starlink-ast-9.2.3+dfsg/src/ffitschan.c
Examining data/starlink-ast-9.2.3+dfsg/src/nullregion.h
Examining data/starlink-ast-9.2.3+dfsg/src/specmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/fmoc.c
Examining data/starlink-ast-9.2.3+dfsg/src/fbox.c
Examining data/starlink-ast-9.2.3+dfsg/src/ratemap.h
Examining data/starlink-ast-9.2.3+dfsg/src/fzoommap.c
Examining data/starlink-ast-9.2.3+dfsg/src/zoommap.h
Examining data/starlink-ast-9.2.3+dfsg/src/fregion.c
Examining data/starlink-ast-9.2.3+dfsg/src/slamap.c
Examining data/starlink-ast-9.2.3+dfsg/src/object.c
Examining data/starlink-ast-9.2.3+dfsg/src/interval.c
Examining data/starlink-ast-9.2.3+dfsg/src/permmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/pointlist.h
Examining data/starlink-ast-9.2.3+dfsg/src/fpolymap.c
Examining data/starlink-ast-9.2.3+dfsg/src/mapping.c
Examining data/starlink-ast-9.2.3+dfsg/src/fkeymap.c
Examining data/starlink-ast-9.2.3+dfsg/src/grismmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/ratemap.c
Examining data/starlink-ast-9.2.3+dfsg/src/xmlchan.c
Examining data/starlink-ast-9.2.3+dfsg/src/skyaxis.h
Examining data/starlink-ast-9.2.3+dfsg/src/f77.h
Examining data/starlink-ast-9.2.3+dfsg/src/wcsmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/keymap.c
Examining data/starlink-ast-9.2.3+dfsg/src/grf_5.6.c
Examining data/starlink-ast-9.2.3+dfsg/src/sphmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/err_drama.c
Examining data/starlink-ast-9.2.3+dfsg/src/fcmpmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/circle.c
Examining data/starlink-ast-9.2.3+dfsg/src/ems.h
Examining data/starlink-ast-9.2.3+dfsg/src/intramap.h
Examining data/starlink-ast-9.2.3+dfsg/src/grf.h
Examining data/starlink-ast-9.2.3+dfsg/src/fnormmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/version.h
Examining data/starlink-ast-9.2.3+dfsg/src/fframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/fyamlchan.c
Examining data/starlink-ast-9.2.3+dfsg/src/dssmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/stccatalogentrylocation.h
Examining data/starlink-ast-9.2.3+dfsg/src/funitnormmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/mathmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/stc.c
Examining data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/fmatrixmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fintramap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fgrismmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fobject.c
Examining data/starlink-ast-9.2.3+dfsg/src/fchannel.c
Examining data/starlink-ast-9.2.3+dfsg/src/globals.c
Examining data/starlink-ast-9.2.3+dfsg/src/error.h
Examining data/starlink-ast-9.2.3+dfsg/src/ellipse.c
Examining data/starlink-ast-9.2.3+dfsg/src/permmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/mapping.h
Examining data/starlink-ast-9.2.3+dfsg/src/axis.h
Examining data/starlink-ast-9.2.3+dfsg/src/stcobsdatalocation.h
Examining data/starlink-ast-9.2.3+dfsg/src/normmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/funitmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fspecframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/mocchan.h
Examining data/starlink-ast-9.2.3+dfsg/src/fluxframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/region.h
Examining data/starlink-ast-9.2.3+dfsg/src/fpcdmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/timeframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/lutmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/mocchan.c
Examining data/starlink-ast-9.2.3+dfsg/src/loader.h
Examining data/starlink-ast-9.2.3+dfsg/src/c2f77.c
Examining data/starlink-ast-9.2.3+dfsg/src/fluxframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/ftable.c
Examining data/starlink-ast-9.2.3+dfsg/src/fmocchan.c
Examining data/starlink-ast-9.2.3+dfsg/src/plot3d.c
Examining data/starlink-ast-9.2.3+dfsg/src/channel.h
Examining data/starlink-ast-9.2.3+dfsg/src/fplot3d.c
Examining data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c
Examining data/starlink-ast-9.2.3+dfsg/src/memory.c
Examining data/starlink-ast-9.2.3+dfsg/src/selectormap.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcsearchlocation.h
Examining data/starlink-ast-9.2.3+dfsg/src/unitnormmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/polygon.c
Examining data/starlink-ast-9.2.3+dfsg/src/switchmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/interval.h
Examining data/starlink-ast-9.2.3+dfsg/src/fnullregion.c
Examining data/starlink-ast-9.2.3+dfsg/src/plot3d.h
Examining data/starlink-ast-9.2.3+dfsg/src/pg3d.h
Examining data/starlink-ast-9.2.3+dfsg/src/fchebymap.c
Examining data/starlink-ast-9.2.3+dfsg/src/nullregion.c
Examining data/starlink-ast-9.2.3+dfsg/src/fstcschan.c
Examining data/starlink-ast-9.2.3+dfsg/src/circle.h
Examining data/starlink-ast-9.2.3+dfsg/src/frame.c
Examining data/starlink-ast-9.2.3+dfsg/src/shiftmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/normmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/zoommap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fellipse.c
Examining data/starlink-ast-9.2.3+dfsg/src/timemap.c
Examining data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fpolygon.c
Examining data/starlink-ast-9.2.3+dfsg/src/specmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/pointset.h
Examining data/starlink-ast-9.2.3+dfsg/src/unit.c
Examining data/starlink-ast-9.2.3+dfsg/src/winmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/cmpregion.h
Examining data/starlink-ast-9.2.3+dfsg/src/specfluxframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/globals.h
Examining data/starlink-ast-9.2.3+dfsg/src/fshiftmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/prism.c
Examining data/starlink-ast-9.2.3+dfsg/src/stccatalogentrylocation.c
Examining data/starlink-ast-9.2.3+dfsg/src/fitstable.c
Examining data/starlink-ast-9.2.3+dfsg/src/skyaxis.c
Examining data/starlink-ast-9.2.3+dfsg/src/frameset.c
Examining data/starlink-ast-9.2.3+dfsg/src/fsphmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fpermmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/box.c
Examining data/starlink-ast-9.2.3+dfsg/src/yamlchan.h
Examining data/starlink-ast-9.2.3+dfsg/src/fspecmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/moc.h
Examining data/starlink-ast-9.2.3+dfsg/src/slamap.h
Examining data/starlink-ast-9.2.3+dfsg/src/grf_3.2.c
Examining data/starlink-ast-9.2.3+dfsg/src/yamlchan.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcobsdatalocation.c
Examining data/starlink-ast-9.2.3+dfsg/src/c2f77.h
Examining data/starlink-ast-9.2.3+dfsg/src/xphmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/pcdmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/mathmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/unitmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/switchmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/chebymap.h
Examining data/starlink-ast-9.2.3+dfsg/src/ferror.c
Examining data/starlink-ast-9.2.3+dfsg/src/ftranmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/skyframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/skyframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/fratemap.c
Examining data/starlink-ast-9.2.3+dfsg/src/unitmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/winmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/err_ems.c
Examining data/starlink-ast-9.2.3+dfsg/src/err.h
Examining data/starlink-ast-9.2.3+dfsg/src/memory.h
Examining data/starlink-ast-9.2.3+dfsg/src/tranmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/cmpregion.c
Examining data/starlink-ast-9.2.3+dfsg/src/fmathmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/grismmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/pcdmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fstccatalogentrylocation.c
Examining data/starlink-ast-9.2.3+dfsg/src/timeframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/matrixmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fwcsmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fdssmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fcmpregion.c
Examining data/starlink-ast-9.2.3+dfsg/src/specframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/shiftmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/error.c
Examining data/starlink-ast-9.2.3+dfsg/src/polygon.h
Examining data/starlink-ast-9.2.3+dfsg/src/axis.c
Examining data/starlink-ast-9.2.3+dfsg/src/frame.h
Examining data/starlink-ast-9.2.3+dfsg/src/fselectormap.c
Examining data/starlink-ast-9.2.3+dfsg/src/wcsmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/channel.c
Examining data/starlink-ast-9.2.3+dfsg/src/flutmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fmapping.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcschan.h
Examining data/starlink-ast-9.2.3+dfsg/src/polymap.h
Examining data/starlink-ast-9.2.3+dfsg/src/astbad.c
Examining data/starlink-ast-9.2.3+dfsg/src/ellipse.h
Examining data/starlink-ast-9.2.3+dfsg/src/matrixmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/fstcsearchlocation.c
Examining data/starlink-ast-9.2.3+dfsg/src/cmpframe.h
Examining data/starlink-ast-9.2.3+dfsg/src/prism.h
Examining data/starlink-ast-9.2.3+dfsg/src/stc.h
Examining data/starlink-ast-9.2.3+dfsg/src/chebymap.c
Examining data/starlink-ast-9.2.3+dfsg/src/xml.h
Examining data/starlink-ast-9.2.3+dfsg/src/loader.c
Examining data/starlink-ast-9.2.3+dfsg/src/xphmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/fxmlchan.c
Examining data/starlink-ast-9.2.3+dfsg/src/table.c
Examining data/starlink-ast-9.2.3+dfsg/src/fcircle.c
Examining data/starlink-ast-9.2.3+dfsg/src/cmpmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fdsbspecframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/fcmpframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/sphmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/tranmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/ftimemap.c
Examining data/starlink-ast-9.2.3+dfsg/src/pointset.c
Examining data/starlink-ast-9.2.3+dfsg/src/pointlist.c
Examining data/starlink-ast-9.2.3+dfsg/src/fitschan.h
Examining data/starlink-ast-9.2.3+dfsg/src/grf3d.c
Examining data/starlink-ast-9.2.3+dfsg/src/plot.c
Examining data/starlink-ast-9.2.3+dfsg/src/ftimeframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/fframeset.c
Examining data/starlink-ast-9.2.3+dfsg/src/xml.c
Examining data/starlink-ast-9.2.3+dfsg/src/fitstable.h
Examining data/starlink-ast-9.2.3+dfsg/src/fitschan.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcsearchlocation.c
Examining data/starlink-ast-9.2.3+dfsg/src/cmpmap.h
Examining data/starlink-ast-9.2.3+dfsg/src/object.h
Examining data/starlink-ast-9.2.3+dfsg/src/fswitchmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcresourceprofile.h
Examining data/starlink-ast-9.2.3+dfsg/src/frameset.h
Examining data/starlink-ast-9.2.3+dfsg/src/fwinmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/fprism.c
Examining data/starlink-ast-9.2.3+dfsg/src/xmlchan.h
Examining data/starlink-ast-9.2.3+dfsg/src/moc.c
Examining data/starlink-ast-9.2.3+dfsg/src/grf_pgplot.c
Examining data/starlink-ast-9.2.3+dfsg/src/dssmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/err_null.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcresourceprofile.c
Examining data/starlink-ast-9.2.3+dfsg/src/fspecfluxframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/plot.h
Examining data/starlink-ast-9.2.3+dfsg/src/fstcresourceprofile.c
Examining data/starlink-ast-9.2.3+dfsg/src/box.h
Examining data/starlink-ast-9.2.3+dfsg/src/fskyframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/stcschan.c
Examining data/starlink-ast-9.2.3+dfsg/src/finterval.c
Examining data/starlink-ast-9.2.3+dfsg/src/unit.h
Examining data/starlink-ast-9.2.3+dfsg/src/table.h
Examining data/starlink-ast-9.2.3+dfsg/src/grf3d.h
Examining data/starlink-ast-9.2.3+dfsg/src/fstc.c
Examining data/starlink-ast-9.2.3+dfsg/src/selectormap.h
Examining data/starlink-ast-9.2.3+dfsg/src/intramap.c
Examining data/starlink-ast-9.2.3+dfsg/src/keymap.h
Examining data/starlink-ast-9.2.3+dfsg/src/fpointlist.c
Examining data/starlink-ast-9.2.3+dfsg/src/fslamap.c
Examining data/starlink-ast-9.2.3+dfsg/src/lutmap.c
Examining data/starlink-ast-9.2.3+dfsg/src/grf_2.0.c
Examining data/starlink-ast-9.2.3+dfsg/src/specframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/cmpframe.c
Examining data/starlink-ast-9.2.3+dfsg/src/ffitstable.c
Examining data/starlink-ast-9.2.3+dfsg/src/fstcobsdatalocation.c
Examining data/starlink-ast-9.2.3+dfsg/src/fplot.c
Examining data/starlink-ast-9.2.3+dfsg/src/polymap.c
Examining data/starlink-ast-9.2.3+dfsg/src/region.c
Examining data/starlink-ast-9.2.3+dfsg/ast_err.h
Examining data/starlink-ast-9.2.3+dfsg/ast_test.c
FINAL RESULTS:
data/starlink-ast-9.2.3+dfsg/src/axis.c:771:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc += sprintf( axisformat_buff + nc, "%s", log_del );
data/starlink-ast-9.2.3+dfsg/src/axis.c:783:19: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
ncc = sprintf( axisformat_buff + nc, fmt, (int) x );
data/starlink-ast-9.2.3+dfsg/src/axis.c:785:19: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
ncc = sprintf( axisformat_buff + nc, fmt, x );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1590:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( getaxisnormunit_buff, result );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2225:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if( a[ 2 ] != 0 ) strcpy( b, a + 2 );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2928:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( comment, "Axis units (%s)", lab );
data/starlink-ast-9.2.3+dfsg/src/axis.h:394:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstAxis *astAxisId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/box.h:155:119: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstBox *astBoxId_( void *, int, const double[], const double[], AstRegion *, const char *, ... )__attribute__((format(printf,6,7)));
data/starlink-ast-9.2.3+dfsg/src/channel.c:4329:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buff, BAD_STRING );
data/starlink-ast-9.2.3+dfsg/src/channel.c:6515:15: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = vsprintf( buff, fmt, args );
data/starlink-ast-9.2.3+dfsg/src/channel.h:411:69: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/channel.h:469:97: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void astAddWarning_( void *, int, const char *, const char *, int *, ... )__attribute__((format(printf,3,6)));
data/starlink-ast-9.2.3+dfsg/src/chebymap.h:149:187: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstChebyMap *astChebyMapId_( int, int, int, const double[], int, const double[], const double[], const double[], const double[], const double[], const char *, ... )__attribute__((format(printf,11,12)));
data/starlink-ast-9.2.3+dfsg/src/circle.h:157:80: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstRegion *, const char *, ... )__attribute__((format(printf,6,7)));
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:1612:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s(%d)", buf1, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3289:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s(%d)", buf1, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3616:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( (char *) getdomain_buff, "%s-%s", dom1, dom2 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8308:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( buf2, "%s(%d)=%s", buf1, paxis + 1,
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8322:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s=%s", buf1, setting+value );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8838:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8895:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "Compound", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8903:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8960:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:9614:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s(%d)", buf1, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:9949:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10007:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10007:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10010:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), (int) system, astGetClass( this ) );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10014:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system;
data/starlink-ast-9.2.3+dfsg/src/cmpframe.h:352:87: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstCmpFrame *astCmpFrameId_( void *, void *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/cmpmap.h:222:88: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstCmpMap *astCmpMapId_( void *, void *, int, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/cmpregion.h:172:94: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstCmpRegion *astCmpRegionId_( void *, void *, int, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:753:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getlabel_buff, "%s (%s)", result, astGetAttrib( this, "sideband" ) );
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.h:156:79: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstDSBSpecFrame *astDSBSpecFrameId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/ellipse.h:162:146: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstEllipse *astEllipseId_( void *, int, const double[2], const double[2], const double[2], AstRegion *, const char *, ... )__attribute__((format(printf,7,8)));
data/starlink-ast-9.2.3+dfsg/src/error.c:393:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%d: %s", j, strings[j] );
data/starlink-ast-9.2.3+dfsg/src/error.c:583:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc += sprintf( buff + nc, " in routine %s", current_routine );
data/starlink-ast-9.2.3+dfsg/src/error.c:589:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc += sprintf( buff + nc, " in file %s", current_file );
data/starlink-ast-9.2.3+dfsg/src/error.c:601:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( message_stack[ imess ], buff );
data/starlink-ast-9.2.3+dfsg/src/error.c:610:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = vsprintf( buff, fmt, args );
data/starlink-ast-9.2.3+dfsg/src/error.c:623:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( message_stack[ imess ], buff );
data/starlink-ast-9.2.3+dfsg/src/error.c:710:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc += sprintf( buff + nc, " in routine %s", current_routine );
data/starlink-ast-9.2.3+dfsg/src/error.c:716:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc += sprintf( buff + nc, " in file %s", current_file );
data/starlink-ast-9.2.3+dfsg/src/error.c:728:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( message_stack[ imess ], buff );
data/starlink-ast-9.2.3+dfsg/src/error.c:737:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = vsprintf( buff, fmt, args );
data/starlink-ast-9.2.3+dfsg/src/error.c:750:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( message_stack[ imess ], buff );
data/starlink-ast-9.2.3+dfsg/src/error.h:302:70: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void astError_( int, const char *, int *, ... )__attribute__((format(printf,2,4)));
data/starlink-ast-9.2.3+dfsg/src/error.h:311:69: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void astErrorPublic_( int, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3070:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lontype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3077:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lattype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3614:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lontype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3621:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lattype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5375:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The FITS keyword name ('%s') contains an "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5382:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The FITS keyword name ('%s') contains an "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5918:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lontype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5925:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lattype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6975:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( cnvtype_text, BAD_STRING );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7130:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( cnvtype_text, "%s %s", cnvtype_text0, cnvtype_text1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7426:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( result + watlen - 1, wat );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8160:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( msgbuf, "The \"-SIP\" distortion code can only be "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8244:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( msgbuf, "The header contains CTYPE values (e.g. "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11115:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if( len >= 0 && ( nc = sprintf( formatkey_buff + len, "%s", key ) ) >= 0 ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:15892:24: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
len = (int) strlen( strcpy( buf, CardName( this, status ) ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17245:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( *val + nc - 1, upq );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18158:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lontype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18161:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lattype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19595:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( algcode, ctype + 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:22833:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The spectral CTYPE value %s%s is not legal - "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23561:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( buf, "%s", sym );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23910:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( type, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23947:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( primsys, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26171:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buf + 4, algcode );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27867:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buf, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27875:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buf, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28750:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lontype + 4, prj_name );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28751:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lattype + 4, prj_name );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28767:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( com, "%s offset from %s",astGetC( skyfrm, attr )+1, skyref );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28771:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( com, "%s offset from %s",astGetC( skyfrm, attr )+1, skyref );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29125:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if( cval ) strcpy( orig_system, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29176:24: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if( cval ) strcpy( lin_unit, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29206:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ctype, orig_system );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29245:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ctype, orig_system );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29335:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ctype, orig_system );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29433:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ctype, orig_system );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29436:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ctype + 4, ( ix == 0 ) ? "-GRI" : "-GRA" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29490:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ctype, orig_system );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29977:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( spectype, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29979:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( sprj, strlen( cval ) > 8 ? "----" : " " );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30667:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( keyname, CardName( this, status ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:32577:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( name + 4, ctype + 8 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33432:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The original FITS header contained a value of %s for "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34521:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lontype, wcscelestial_type );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34522:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lonkey, keyname );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34523:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lonctype, ctype );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34573:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( lattype, wcscelestial_type );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34574:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( latkey, keyname );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34575:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( latctype, ctype );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34737:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "Projection parameter PV%d_%d found, "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34748:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "Projection parameter PV%d_%d found, "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35673:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The original FITS header contained a value for "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35895:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( type, cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37644:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s-%s", newdom, buf2 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37646:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s", buf2 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37705:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s coordinates", ckeyval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37970:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The original FITS header did not specify the "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38000:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "The original FITS header did not specify the "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38079:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( sym, sys );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38104:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "This FITS header contains references to an unknown "
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:420:70: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1078:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buff, cval );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1716:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%.*s(%s)", collen, column, rbuf );
data/starlink-ast-9.2.3+dfsg/src/fitstable.h:147:81: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstFitsTable *astFitsTableId_( void *, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:437:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system; /* The FluxFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:450:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( system < this->nuunits && this->usedunits ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:451:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
this->usedunits[ system ] = astFree( this->usedunits[ system ] );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:451:61: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
this->usedunits[ system ] = astFree( this->usedunits[ system ] );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:458:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *DefUnit( AstSystemType system, const char *method,
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:530:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:666:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *FluxSystemString( AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:718:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1151:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of flux coordinates */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1179:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getlabel_buff, SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1179:55: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = strcpy( getlabel_buff, SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1191:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, "astGetLabel",
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1196:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getlabel_buff, new_lab );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1322:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of sky coordinates */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1366:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), astGetClass( this ), (int) system );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1378:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, "astGetSymbol",
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1383:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getsymbol_buff, new_sym );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1628:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "%s", SystemLabel( astGetSystem( this ), status ) );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1637:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos, " at = %s %s", sv, su );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1690:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* The FluxFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:1713:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = DefUnit( system, "astGetUnit", astGetClass( this ), status );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:2839:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* The FluxFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:2861:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( UnitsOK( system, value, 0, "astSetUnit", astGetClass( this ), status ) ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3137:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3194:31: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "FLXDN", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3197:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "FLXDNW", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3200:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
}else if ( astChrMatch( "SFCBR", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3203:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "SRCBR", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3212:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemLabel( AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3263:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3287:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3331:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return FluxSystemString( system, status );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3447:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int UnitsOK( AstSystemType system, const char *units, int report,
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3502:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, method, class, status ), units, NULL, NULL );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3517:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
class, units, FluxSystemString( system, status ), class );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3525:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3583:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3583:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3586:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), (int) system, astGetClass( this ) );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3590:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system;
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3843:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "U%s", astSystemString( this, (AstSystemType) i ));
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3845:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( comm, "Preferred units for %s", SystemLabel( (AstSystemType) i, status ) );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:4234:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "u%s", astSystemString( new, (AstSystemType) sys ));
data/starlink-ast-9.2.3+dfsg/src/fluxframe.h:159:89: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstFluxFrame *astFluxFrameId_( double, void *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/frame.c:2413:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pfrm_attrib, "%s(%d)", axis_attrib, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4783:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* System code */
data/starlink-ast-9.2.3+dfsg/src/frame.c:5007:42: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astSystemString( this, system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5014:70: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), astGetClass( this ), (int) system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5024:42: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astSystemString( this, system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5031:70: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), astGetClass( this ), (int) system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5077:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( getattrib_buff, "S%s", astFormat( skyframe, 1, -dval ) );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5079:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( getattrib_buff, "N%s", astFormat( skyframe, 1, dval ) );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5103:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( getattrib_buff, "W%s", astFormat( skyframe, 1, -dval ) );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5105:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( getattrib_buff, "E%s", astFormat( skyframe, 1, dval ) );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5192:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pfrm_attrib, "%s(%d)", axis_attrib, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:9675:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system; /* Offset of System string */
data/starlink-ast-9.2.3+dfsg/src/frame.c:9848:69: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
( 0 == astSscanf( setting, "alignsystem= %n%*s %n", &system, &nc ) )
data/starlink-ast-9.2.3+dfsg/src/frame.c:9866:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
( 0 == astSscanf( setting, "system= %n%*s %n", &system, &nc ) )
data/starlink-ast-9.2.3+dfsg/src/frame.c:10032:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy( axis_setting + axis_nc, setting + axis_value );
data/starlink-ast-9.2.3+dfsg/src/frame.c:10150:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( axis_setting + ( equals - setting ) + 3, equals );
data/starlink-ast-9.2.3+dfsg/src/frame.c:10731:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:10786:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "Cartesian", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:10794:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:10850:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:11208:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pfrm_attrib, "%s(%d)", axis_attrib, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:11742:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:11798:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:11798:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:11801:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), (int) system, astGetClass( this ) );
data/starlink-ast-9.2.3+dfsg/src/frame.c:11805:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system;
data/starlink-ast-9.2.3+dfsg/src/frame.c:13375:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astMAKE_CLEAR(Frame,System,system,AST__BADSYSTEM)
data/starlink-ast-9.2.3+dfsg/src/frame.c:13379:68: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
( this->system == AST__BADSYSTEM ) ? AST__CART : this->system ) )
data/starlink-ast-9.2.3+dfsg/src/frame.c:13383:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astMAKE_SET(Frame,System,AstSystemType,system,(
data/starlink-ast-9.2.3+dfsg/src/frame.c:13385:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
value : this->system ))
data/starlink-ast-9.2.3+dfsg/src/frame.c:13388:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astMAKE_TEST(Frame,System,( this->system != AST__BADSYSTEM ))
data/starlink-ast-9.2.3+dfsg/src/frame.c:13794:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* System code */
data/starlink-ast-9.2.3+dfsg/src/frame.c:13946:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sval = astSystemString( this, system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13954:31: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13976:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sval = astSystemString( this, system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13984:31: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14010:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( comment, "Units for axis %d (%s)", axis + 1, lab );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14080:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/frame.c:15202:65: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType astValidateSystem_( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:15204:59: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return (**astMEMBER(this,Frame,ValidateSystem))( this, system, method, status );
data/starlink-ast-9.2.3+dfsg/src/frame.c:15206:59: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType astSystemCode_( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:15208:55: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return (**astMEMBER(this,Frame,SystemCode))( this, system, status );
data/starlink-ast-9.2.3+dfsg/src/frame.c:15210:61: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const char *astSystemString_( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frame.c:15212:57: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return (**astMEMBER(this,Frame,SystemString))( this, system, status );
data/starlink-ast-9.2.3+dfsg/src/frame.h:633:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying coordinate system */
data/starlink-ast-9.2.3+dfsg/src/frame.h:882:70: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstFrame *astFrameId_( int, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/frame.h:1348:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define astValidateSystem(this,system,method) \
data/starlink-ast-9.2.3+dfsg/src/frame.h:1349:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astINVOKE(V,astValidateSystem_(astCheckFrame(this),system,method,STATUS_PTR))
data/starlink-ast-9.2.3+dfsg/src/frame.h:1350:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define astSystemString(this,system) \
data/starlink-ast-9.2.3+dfsg/src/frame.h:1351:50: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astINVOKE(V,astSystemString_(astCheckFrame(this),system,STATUS_PTR))
data/starlink-ast-9.2.3+dfsg/src/frame.h:1352:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define astSystemCode(this,system) \
data/starlink-ast-9.2.3+dfsg/src/frame.h:1353:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astINVOKE(V,astSystemCode_(astCheckFrame(this),system,STATUS_PTR))
data/starlink-ast-9.2.3+dfsg/src/frameset.c:6944:22: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc += sprintf( getallvariants_buff + nc, "%s ", dom );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:10515:68: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this_frame, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frameset.c:10576:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astSystemCode( fr, system );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:10586:70: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this_frame, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frameset.c:10648:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astSystemString( fr, system );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:11639:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this_frame, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/frameset.c:11705:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astValidateSystem( this, system, method );
data/starlink-ast-9.2.3+dfsg/src/frameset.h:562:79: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstFrameSet *astFrameSetId_( void *, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/grismmap.h:189:71: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstGrismMap *astGrismMapId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/interval.h:157:124: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstInterval *astIntervalId_( void *, const double[], const double[], AstRegion *, const char *, ... )__attribute__((format(printf,5,6)));
data/starlink-ast-9.2.3+dfsg/src/intramap.h:238:95: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstIntraMap *astIntraMapId_( const char *, int, int, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/keymap.h:284:67: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstKeyMap *astKeyMapId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/lutmap.h:224:105: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstLutMap *astLutMapId_( int, const double [], double, double, const char *, ... )__attribute__((format(printf,5,6)));
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:3077:23: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy( ( *exprs )[ ifun ], ex );
data/starlink-ast-9.2.3+dfsg/src/mathmap.h:293:69: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
const char *, ... )__attribute__((format(printf,7,8)));
data/starlink-ast-9.2.3+dfsg/src/matrixmap.h:239:104: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstMatrixMap *astMatrixMapId_( int, int, int, const double[], const char *, ... )__attribute__((format(printf,5,6)));
data/starlink-ast-9.2.3+dfsg/src/memory.c:631:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy( result + *nc, str2 );
data/starlink-ast-9.2.3+dfsg/src/memory.c:734:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buf_size = vsnprintf( buf, sizeof( buf ), str2, args ) + 1;
data/starlink-ast-9.2.3+dfsg/src/memory.c:746:11: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
nexp = vsprintf( pbuf, str2, args );
data/starlink-ast-9.2.3+dfsg/src/memory.c:771:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy( result + *nc, pbuf );
data/starlink-ast-9.2.3+dfsg/src/memory.c:2157:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( template, temp + 1 );
data/starlink-ast-9.2.3+dfsg/src/memory.c:2165:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( template + 1, temp + 2 );
data/starlink-ast-9.2.3+dfsg/src/memory.c:2175:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( template + 3, temp );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4608:19: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = sscanf( str, newfor, ptr[0], ptr[1], ptr[2], ptr[3],
data/starlink-ast-9.2.3+dfsg/src/memory.c:4686:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = sscanf( str, fmt, ptr[0], ptr[1], ptr[2], ptr[3],
data/starlink-ast-9.2.3+dfsg/src/memory.c:4792:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( mem, text );
data/starlink-ast-9.2.3+dfsg/src/memory.h:243:82: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
char *astAppendStringf_( char *, int *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/memory.h:317:35: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
#define astSscanf astERROR_INVOKE(sscanf)
data/starlink-ast-9.2.3+dfsg/src/moc.c:4901:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = sprintf( token, first?"{\"%d\":[%zu":"],\"%d\":[%zu",
data/starlink-ast-9.2.3+dfsg/src/moc.c:4925:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = sprintf( token, first?"%d/%zu":" %d/%zu", order, npix );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4962:15: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = sprintf( token, first?"{\"%d\":[]":",\"%d\":[]", maxorder );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4964:15: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = sprintf( token, first?"%d/":" %d/", maxorder );
data/starlink-ast-9.2.3+dfsg/src/moc.h:211:61: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstMoc *astMocId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/normmap.h:142:77: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstNormMap *astNormMapId_( void *, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/nullregion.h:147:96: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstNullRegion *astNullRegionId_( void *, AstRegion *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/object.c:1865:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( varname, "%s_OPTIONS", class );
data/starlink-ast-9.2.3+dfsg/src/object.c:3850:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
(void) strcat( setting, "=" format ); \
data/starlink-ast-9.2.3+dfsg/src/object.c:4427:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buff, p );
data/starlink-ast-9.2.3+dfsg/src/object.c:4447:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( p, value );
data/starlink-ast-9.2.3+dfsg/src/object.c:4713:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf( settings, " %%s %n", &nc );
data/starlink-ast-9.2.3+dfsg/src/object.c:4719:17: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf( setting_buf, sizeof(setting_buf), settings, args );
data/starlink-ast-9.2.3+dfsg/src/object.c:4726:23: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf( dyn_buf, len + 1, settings, args );
data/starlink-ast-9.2.3+dfsg/src/object.c:4782:21: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
nc = vsprintf( buff2, buff1, args );
data/starlink-ast-9.2.3+dfsg/src/object.c:4784:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buff2, buff1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:8916:4: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf( buff, verb, args );
data/starlink-ast-9.2.3+dfsg/src/object.c:8933:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "(index:%d v:%d c:%d t:%d i:%d cl:%s) [cur. thread: %d]",
data/starlink-ast-9.2.3+dfsg/src/object.c:8947:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "(index:%d v:%d c:%d i:%d cl:%s)", ihandle,
data/starlink-ast-9.2.3+dfsg/src/object.h:1708:66: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void astSetId_( void *, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/pcdmap.h:253:93: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPcdMap *astPcdMapId_( double, const double [2], const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/permmap.h:231:86: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
const double [], const char *, ... )__attribute__((format(printf,6,7)));
data/starlink-ast-9.2.3+dfsg/src/plot.c:14661:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* The SkyFrame System attribute */
data/starlink-ast-9.2.3+dfsg/src/plot.c:18133:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if( ret ) strcpy( ret + dlen, text );
data/starlink-ast-9.2.3+dfsg/src/plot.h:699:104: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPlot *astPlotId_( void *, const float [], const double [], const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:2380:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( patt, "%s%s", attname, attrib + nc );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:3278:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( patt, "%s%s", attname, attrib + nc );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:5660:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pat, ".*(_%s).*", spec );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:6573:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( patt, "%s%s", attname, attrib + nc );
data/starlink-ast-9.2.3+dfsg/src/pointlist.h:154:125: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPointList *astPointListId_( void *, int, int, int, const double *, AstRegion *, const char *, ... )__attribute__((format(printf,7,8)));
data/starlink-ast-9.2.3+dfsg/src/pointset.c:1229:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( getattrib_buff, "%" AST__DIMFMT , npoint );
data/starlink-ast-9.2.3+dfsg/src/pointset.h:574:84: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPointSet *astPointSetId_( AstDim, int, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/polygon.h:177:116: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPolygon *astPolygonId_( void *, int, int, const double *, AstRegion *, const char *, ... )__attribute__((format(printf,6,7)));
data/starlink-ast-9.2.3+dfsg/src/polymap.h:251:121: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPolyMap *astPolyMapId_( int, int, int, const double[], int, const double[], const char *, ... )__attribute__((format(printf,7,8)));
data/starlink-ast-9.2.3+dfsg/src/prism.c:2940:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s(%d)", buf1, axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/prism.c:3073:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s(%d)=%s", buf1, axis + 1, bset + value );
data/starlink-ast-9.2.3+dfsg/src/prism.h:160:81: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstPrism *astPrismId_( void *, void *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/ratemap.h:204:87: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstRateMap *astRateMapId_( void *, int, int, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/region.c:392:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s(%d)", #attribute, axis + 1 ); \
data/starlink-ast-9.2.3+dfsg/src/region.c:693:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s(%d)", #attribute, axis + 1 ); \
data/starlink-ast-9.2.3+dfsg/src/region.c:8483:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if( battrib ) sprintf( battrib, "%s(%d)", buf1, baxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/region.c:9920:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( bsetting, "%s(%d)=%s", buf1, baxis + 1, setting + value );
data/starlink-ast-9.2.3+dfsg/src/region.c:11329:68: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this_frame, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/region.c:11390:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astSystemCode( fr, system );
data/starlink-ast-9.2.3+dfsg/src/region.c:11400:70: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this_frame, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/region.c:11462:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astSystemString( fr, system );
data/starlink-ast-9.2.3+dfsg/src/region.c:12211:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this_frame, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/region.c:12277:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = astValidateSystem( this, system, method );
data/starlink-ast-9.2.3+dfsg/src/selectormap.h:205:99: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSelectorMap *astSelectorMapId_( int, void **, double, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/shiftmap.h:213:93: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstShiftMap *astShiftMapId_( int, const double [], const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1893:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( dhmsformat_buff + pos, "%s", term );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1917:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( dhmsformat_buff + pos, "%s", term );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1951:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( dhmsformat_buff + pos, "%s", term );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2397:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( dhmsunit_buff, "%s", as_time ? "hh" : "ddd" );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.h:307:69: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSkyAxis *astSkyAxisId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:392:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define EQREF(system) \
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2742:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( getattrib_buff, "%s, ", cval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2745:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( getattrib_buff + nc, "%s", cval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2766:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( getattrib_buff, "%s, ", cval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2769:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( getattrib_buff + nc, "%s", cval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3186:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* System attribute */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3597:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of sky coordinates */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3626:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( IsEquatorial( system, status ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3665:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3671:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getlabel_buff, "%s offset", result );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4193:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of sky coordinates */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4222:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( IsEquatorial( system, status ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4254:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4261:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getsymbol_buff, "D%s", result );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4436:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of sky coordinates */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4488:19: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4494:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "FK4 equatorial %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4496:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos, "; mean equinox B%s",
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4500:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos,
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4509:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "FK4 equatorial %s; no E-terms", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4511:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos, "; mean equinox B%s",
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4515:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos,
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4524:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "FK5 equatorial %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4526:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos, "; mean equinox J%s",
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4536:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "J2000 equatorial %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4544:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "ICRS %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4550:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "Horizon (Azimuth/Elevation) %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4557:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff,
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4566:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "Ecliptic %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4568:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos, "; mean equinox J%s",
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4577:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "Helio-ecliptic %s; mean equinox J2000", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4579:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos += sprintf( gettitle_buff + pos, "; epoch J%s",
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4588:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "IAU (1958) galactic %s", word );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4595:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff,
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4602:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff,
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4611:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4625:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
lextra = sprintf( gettitle_buff2, "%s at %s ", word,
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4627:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
lextra += sprintf( gettitle_buff2 + lextra, "%s",
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:5168:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int IsEquatorial( AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:5859:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code to identify coordinate system */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:9281:60: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static void SetSystem( AstFrame *this_frame, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:9343:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(*parent_setsystem)( this_frame, system, status );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:9975:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10032:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "FK4", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10035:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "FK4_NO_E", system ) ||
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10036:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astChrMatch( "FK4-NO-E", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10039:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "FK5", system ) ||
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10040:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astChrMatch( "Equatorial", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10043:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "J2000", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10046:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "ICRS", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10049:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "AZEL", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10052:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "GAPPT", system ) ||
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10053:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astChrMatch( "GEOCENTRIC", system ) ||
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10054:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astChrMatch( "APPARENT", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10057:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "ECLIPTIC", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10060:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "HELIOECLIPTIC", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10063:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "GALACTIC", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10066:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "SUPERGALACTIC", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10069:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "UNKNOWN", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10077:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10133:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10652:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10710:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10710:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10713:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), (int) system, astGetClass( this ) );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10717:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system;
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11686:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* System attribute value */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11805:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "Ref. pos. %s %s", astGetSymbol( this, axis ),
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11818:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "Ref. north %s %s", astGetSymbol( this, axis ),
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:307:71: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSkyFrame *astSkyFrameId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/slamap.h:239:72: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSlaMap *astSlaMapId_( int, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c:402:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( gettitle_buff, "%s versus %s", astGetLabel( ff, 0 ),
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.h:138:97: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSpecFluxFrame *astSpecFluxFrameId_( void *, void *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/specframe.c:724:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system; /* The SpecFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:737:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( system < this->nuunits && this->usedunits ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:738:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
this->usedunits[ system ] = astFree( this->usedunits[ system ] );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:738:61: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
this->usedunits[ system ] = astFree( this->usedunits[ system ] );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:901:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *DefUnit( AstSystemType system, const char *method,
data/starlink-ast-9.2.3+dfsg/src/specframe.c:982:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1564:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of spectral coordinates */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1593:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getlabel_buff, SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1593:55: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = strcpy( getlabel_buff, SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1599:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getlabel_buff + strlen( getlabel_buff ), " offset from %s",
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1612:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, "astGetLabel",
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1617:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getlabel_buff, new_lab );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1814:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of sky coordinates */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1867:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), astGetClass( this ), (int) system );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1879:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, "astGetSymbol",
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1884:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getsymbol_buff, new_sym );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2065:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of coordinates */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2105:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "%s", SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2105:59: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
pos = sprintf( gettitle_buff, "%s", SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2110:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( gettitle_buff+pos, " (%s)", sor_string );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2115:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( !ABS_SYSTEM(system) && ( astTestRestFreq( this ) ||
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2260:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* The SpecFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2283:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = DefUnit( system, "astGetUnit", astGetClass( this ), status );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:3678:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( a, setting + namelen );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4204:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system; /* The SpecFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4219:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( system >= this->nuunits ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4229:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( astOK && ( !this->usedunits[ system ] ||
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4230:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
strcmp( this->usedunits[ system ], value ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4231:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
this->usedunits[ system ] = astStore( this->usedunits[ system ],
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4231:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
this->usedunits[ system ] = astStore( this->usedunits[ system ],
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4431:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SpecMapUnit( AstSystemType system, const char *method,
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4516:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4970:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5027:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "FREQ", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5030:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "ENER", system ) || astChrMatch( "ENERGY", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5030:72: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "ENER", system ) || astChrMatch( "ENERGY", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5033:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "WAVN", system ) || astChrMatch( "WAVENUM", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5033:73: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "WAVN", system ) || astChrMatch( "WAVENUM", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5036:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "WAVE", system ) || astChrMatch( "WAVELEN", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5036:73: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "WAVE", system ) || astChrMatch( "WAVELEN", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5039:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "AWAV", system ) || astChrMatch( "AIRWAVE", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5039:73: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "AWAV", system ) || astChrMatch( "AIRWAVE", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5042:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "VRAD", system ) || astChrMatch( "VRADIO", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5042:72: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "VRAD", system ) || astChrMatch( "VRADIO", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5045:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "VOPT", system ) || astChrMatch( "VOPTICAL", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5045:74: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "VOPT", system ) || astChrMatch( "VOPTICAL", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5048:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "ZOPT", system ) || astChrMatch( "REDSHIFT", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5048:74: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "ZOPT", system ) || astChrMatch( "REDSHIFT", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5051:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "BETA", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5054:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "VELO", system ) || astChrMatch( "VREL", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5054:70: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "VELO", system ) || astChrMatch( "VREL", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5063:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemLabel( AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5114:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5161:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5217:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5535:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5593:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5593:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5596:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), (int) system, astGetClass( this ) );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5600:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system;
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6686:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "U%s", astSystemString( this, (AstSystemType) i ));
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6688:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( comm, "Preferred units for %s", SystemLabel( (AstSystemType) i, status ) );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:7191:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( buff, "u%s", astSystemString( new, (AstSystemType) sys ));
data/starlink-ast-9.2.3+dfsg/src/specframe.h:231:73: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSpecFrame *astSpecFrameId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/specmap.h:208:79: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSpecMap *astSpecMapId_( int, int, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/sphmap.h:273:66: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSphMap *astSphMapId_( const char *, ...)__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/stccatalogentrylocation.h:150:128: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstStcCatalogEntryLocation *astStcCatalogEntryLocationId_( void *, int, AstKeyMap **, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/stcobsdatalocation.h:156:118: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstStcObsDataLocation *astStcObsDataLocationId_( void *, int, AstKeyMap **, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/stcresourceprofile.h:150:118: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstStcResourceProfile *astStcResourceProfileId_( void *, int, AstKeyMap **, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1464:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*centre[ i ] );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1484:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*a );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1513:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*lbnd[ i ] );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1534:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*ubnd[ i ] );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1559:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*centre[ i ] );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1579:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*a );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1583:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*b );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1594:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, angle );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1623:23: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*(*p) );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1667:23: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*centre[ i ] );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:7109:29: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf( buf, fmt, scale*error );
data/starlink-ast-9.2.3+dfsg/src/stcsearchlocation.h:150:117: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstStcSearchLocation *astStcSearchLocationId_( void *, int, AstKeyMap **, const char *, ... )__attribute__((format(printf,4,5)));
data/starlink-ast-9.2.3+dfsg/src/switchmap.h:207:103: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstSwitchMap *astSwitchMapId_( void *, void *, int, void **, const char *, ... )__attribute__((format(printf,5,6)));
data/starlink-ast-9.2.3+dfsg/src/table.c:3762:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( oldkey, "%s(%d)", col, iold + 1 );
data/starlink-ast-9.2.3+dfsg/src/table.c:3763:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( newkey, "%s(%d)", col, inew );
data/starlink-ast-9.2.3+dfsg/src/table.c:3997:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( key, "%s(%d)", col, index );
data/starlink-ast-9.2.3+dfsg/src/table.h:175:65: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstTable *astTableId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1227:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *DefUnit( AstSystemType system, const char *method,
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1296:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(int) system );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1729:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
d += sprintf( d, "%s", tbuf );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2620:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of time coordinates */
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2662:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getlabel_buff, SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2662:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = strcpy( getlabel_buff, SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2679:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getlabel_buff + strlen( getlabel_buff ), " offset from %s",
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2707:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, "astGetLabel",
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2712:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getlabel_buff, new_lab );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2726:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getlabel_buff, "%s (UTC+%g)", result, ltoff );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2728:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( getlabel_buff, "%s (UTC-%g)", result, -ltoff );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2782:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of sky coordinates */
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2823:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), astGetClass( this ), (int) system );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2835:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
map = astUnitMapper( DefUnit( system, "astGetSymbol",
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2840:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
result = strcpy( getsymbol_buff, new_sym );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3145:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* Code identifying type of coordinates */
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3184:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
pos = sprintf( gettitle_buff, "%s", SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3184:59: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
pos = sprintf( gettitle_buff, "%s", SystemLabel( system, status ) );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3190:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if( system != AST__BEPOCH && astTestTimeScale( this ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3191:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( gettitle_buff + pos, " [%s", TimeScaleString( ts, status ) );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3225:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
nc = sprintf( gettitle_buff+pos, " offset from %s",
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3290:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
AstSystemType system; /* The TimeFrame's System value */
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3313:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = DefUnit( system, "astGetUnit", astGetClass( this ), status );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:4684:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( a, setting + namelen );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:4715:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( new_setting + 3, setting + 5 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:4728:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( new_setting + 3, setting + 5 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5451:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static AstSystemType SystemCode( AstFrame *this, const char *system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5508:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "MJD", system ) || astChrMatch( "Modified Julian Date", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5508:78: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( astChrMatch( "MJD", system ) || astChrMatch( "Modified Julian Date", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5511:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "JD", system ) || astChrMatch( "Julian Date", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5511:75: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "JD", system ) || astChrMatch( "Julian Date", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5514:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "BEPOCH", system ) || astChrMatch( "Besselian Epoch", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5514:83: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "BEPOCH", system ) || astChrMatch( "Besselian Epoch", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5517:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "JEPOCH", system ) || astChrMatch( "Julian Epoch", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5517:80: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
} else if ( astChrMatch( "JEPOCH", system ) || astChrMatch( "Julian Epoch", system ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5526:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemLabel( AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5577:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5601:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static const char *SystemString( AstFrame *this, AstSystemType system, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5657:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
switch ( system ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6256:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static int ValidateSystem( AstFrame *this, AstSystemType system, const char *method, int *status ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6314:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6314:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system < FIRST_SYSTEM || system > LAST_SYSTEM ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6317:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astGetClass( this ), (int) system, astGetClass( this ) );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6321:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = system;
data/starlink-ast-9.2.3+dfsg/src/timeframe.h:192:73: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstTimeFrame *astTimeFrameId_( const char *, ... )__attribute__((format(printf,1,2)));
data/starlink-ast-9.2.3+dfsg/src/timemap.h:204:74: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstTimeMap *astTimeMapId_( int, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/tranmap.h:204:85: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstTranMap *astTranMapId_( void *, void *, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/unit.c:408:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( tok[ i ], t );
data/starlink-ast-9.2.3+dfsg/src/unit.c:412:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( tok[ i ] + l, t + l - 1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:415:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( tok[ i ] + l - 1, t + l - 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3347:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( fwdfun + 13, fwdexp );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3348:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( invfun + 12, invexp );
data/starlink-ast-9.2.3+dfsg/src/unitmap.h:216:74: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstUnitMap *astUnitMapId_( int, const char *, ... )__attribute__((format(printf,2,3)));
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.h:227:99: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstUnitNormMap *astUnitNormMapId_( int, const double [], const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5320:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf( comment_buff, "%s projection", prjdata->desc );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.h:441:87: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstWcsMap *astWcsMapId_( int, int, int, int, const char *, ... )__attribute__((format(printf,5,6)));
data/starlink-ast-9.2.3+dfsg/src/winmap.h:219:140: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstWinMap *astWinMapId_( int, const double [], const double [], const double [], const double [], const char *, ... )__attribute__((format(printf,6,7)));
data/starlink-ast-9.2.3+dfsg/src/xml.c:3898:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( name_buffer, colon + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:940:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if( raset ) sprintf( raset, "refra=%s", text );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:945:32: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if( decset ) sprintf( decset, "refdec=%s", text );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1053:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if( text ) sprintf( buff, "restfreq= %.*g %s", AST__DBL_DIG,
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1440:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains a <%s> which is not being used.",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2008:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains unsupported ISO time format \"%s\"",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2039:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains inconsistent timescale (%s)",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2067:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains inconsistent timescale (%s)",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2284:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains a bad <%s> value: \"%s\"", name, value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2361:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains a bad <%s> value: \"%s\"", name, value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2464:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains a bad <%s> value: \"%s\"", name, value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3612:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains the following which is being ignored: \"%s\"",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:4197:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains more than one %s element. The "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5572:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( unit2, words[ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5574:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( unit2 + l1 + 1, words[ 1 ] );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:6444:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains unusable angle units \"%s\"", paunit );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:6458:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains unusable reference attribute \"%s\" "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7812:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( orgset, "TimeOrigin(%d)=%s", i + 1,
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7821:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( sysset, "System(%d)=%s", i + 1,
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8609:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( *unit, punit );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8611:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( *unit + pl + 1, tunit );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9058:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains the following which is being ignored: \"%s\"",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9073:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains %d <%s> %s but at least %d %s needed",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9080:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains %d <%s> %s but no more than %d %s "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9601:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains unsupported spectral units \"%s\"", unit );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10314:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "has inconsistent units attributes \"%s\" and "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10492:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains two or more %s elements with the "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10518:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains the following which is being ignored: \"%s\"",
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10568:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "refers to an AstroCoordSystem with "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11528:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buff, "contains unsupported timescale %s", tstxt );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:12209:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( buff, BAD_STRING );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.h:173:70: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:883:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static void GetUCD( int system, const char **lon_ucd, const char **lat_ucd ){
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:4122:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( vbuf, "B%s", value );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:4126:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( vbuf, "J%s", value );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:4130:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( vbuf, "JD %s", value );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:4134:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( vbuf, "MJD %s", value );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5989:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system;
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:6086:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
GetUCD( system, &lon_ucd, &lat_ucd );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:6090:56: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status, astSystemString( result, system ) );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:6105:54: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
astSystemString( result, system ), axis_physical_types[ 0 ],
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:9973:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( key, "%s_%d", id, nval++ );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10050:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( key, "%s_%d", id, ival );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10060:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( key, "%s_%d", id, ival );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10076:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( key, "%s_%d", id, ival );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10089:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( key, "%s_%d", id, ival );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11814:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system;
data/starlink-ast-9.2.3+dfsg/src/zoommap.h:232:82: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
AstZoomMap *astZoomMapId_( int, double, const char *, ... )__attribute__((format(printf,3,4)));
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1954:11: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double random; /* Pseudo-random number */
data/starlink-ast-9.2.3+dfsg/src/mapping.c:2096:66: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sample_hi[ coord ] * ( 1.0 - random );\
data/starlink-ast-9.2.3+dfsg/src/object.c:1869:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
attrs = getenv( varname );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:1621:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envvar = getenv( "AST_REPLACE_NAN" );
data/starlink-ast-9.2.3+dfsg/src/astbad.c:133:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Buffer for formatted string */
data/starlink-ast-9.2.3+dfsg/src/astbad.c:144:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%.*G", digits, val );
data/starlink-ast-9.2.3+dfsg/src/astbad.c:160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Buffer for formatted string */
data/starlink-ast-9.2.3+dfsg/src/astbad.c:169:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%.*G", digits, val );
data/starlink-ast-9.2.3+dfsg/src/axis.c:176:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getdefaultformat_buff[ AST__AXIS_GETDEFAULTFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.c:177:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char axisformat_buff[ AST__AXIS_GETDEFAULTFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.c:178:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getaxisnormunit_buff[ AST__AXIS_GETAXISNORMUNIT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.c:179:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__AXIS_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.c:476:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_esc[ 50 ]; /* Buffer for graphical delimiter string */
data/starlink-ast-9.2.3+dfsg/src/axis.c:678:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/axis.c:679:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_esc[ 50 ]; /* Buffer for graphical delimiter string */
data/starlink-ast-9.2.3+dfsg/src/axis.c:792:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if( log ) nc += sprintf( axisformat_buff + nc, "%%+" );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1747:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", digits );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1756:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", direction );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1765:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1774:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1868:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getdefaultformat_buff, "%%1.%dG", astGetAxisDigits( this ) );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2217:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( new ) memcpy( new, result, rlen + 1 );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2221:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf( b, ".%d", digs );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2876:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ 80 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/axis.c:2930:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Axis units" );
data/starlink-ast-9.2.3+dfsg/src/axis.h:372:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetDefaultFormat_Buff[ AST__AXIS_GETDEFAULTFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.h:373:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AxisFormat_Buff[ AST__AXIS_AXISFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.h:374:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAxisNormUnit_Buff[ AST__AXIS_GETAXISNORMUNIT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/axis.h:375:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__AXIS_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/box.c:937:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( p2, p1, sizeof( double )*nc );
data/starlink-ast-9.2.3+dfsg/src/box.c:1044:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( p1, centre, sizeof( double )*nc );
data/starlink-ast-9.2.3+dfsg/src/box.c:1045:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( p2, centre, sizeof( double )*nc );
data/starlink-ast-9.2.3+dfsg/src/channel.c:250:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/channel.c:966:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", comment );
data/starlink-ast-9.2.3+dfsg/src/channel.c:975:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", full );
data/starlink-ast-9.2.3+dfsg/src/channel.c:984:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", indent );
data/starlink-ast-9.2.3+dfsg/src/channel.c:993:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", report_level );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1002:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", skip );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1021:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", strict );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1284:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if( len > 50 ) strcpy( line + 50, "..." );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1420:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/channel.c:1451:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->fd_in = fopen( source_file, "r" );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1683:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/channel.c:1698:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "Warning_%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/channel.c:2401:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/channel.c:2425:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->fd_out = fopen( sink_file, "w" );
data/starlink-ast-9.2.3+dfsg/src/channel.c:4293:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Local formatting buffer */
data/starlink-ast-9.2.3+dfsg/src/channel.c:4323:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%.*g", AST__DBL_DIG, value );
data/starlink-ast-9.2.3+dfsg/src/channel.c:4511:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Local formatting buffer */
data/starlink-ast-9.2.3+dfsg/src/channel.c:4539:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%d", value );
data/starlink-ast-9.2.3+dfsg/src/channel.c:6506:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 201 ];
data/starlink-ast-9.2.3+dfsg/src/channel.h:379:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__CHANNEL_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1557:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1558:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[ 100 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1579:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "FSCL%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1580:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Scale factor on input %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1588:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "FOFF%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1589:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Offset on input %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1597:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ISCL%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1598:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Scale factor on output %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1606:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "IOFF%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:1607:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Offset on output %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:2244:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:2311:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "fscl%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:2318:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "foff%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:2350:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "iscl%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/chebymap.c:2357:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ioff%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/circle.c:1033:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( p1, this->centre, sizeof( double )*(size_t) naxes );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:663:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char label_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:666:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char symbol_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:669:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getdomain_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:672:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:1540:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[80]; /* For for un-indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:1541:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[80]; /* For for indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:2916:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ptr[ iax2 + nax1 ], ptr2[ iax2 ], npoint2*sizeof( double ) );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3229:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[80]; /* For for un-indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3230:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[80]; /* For for indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:4483:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( gettitle_buff, "%d-d compound coordinate system",
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8236:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUF_LEN]; /* For for un-indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8237:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUF_LEN]; /* For for indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:9539:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[80]; /* For for un-indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:9540:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[80]; /* For for indexed attribute name */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10052:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
( (void) sprintf( label_buff, "Axis %d", axis + 1 ), label_buff ))
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10067:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
( (void) sprintf( symbol_buff, "x%d", axis + 1 ), symbol_buff ))
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10209:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment strings */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10210:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10252:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Axp%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10254:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10258:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Axis %d not permuted", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10738:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:10812:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "axp%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.h:331:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Label_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.h:332:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Symbol_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.h:333:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetDomain_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/cmpframe.h:334:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:236:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:239:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getlabel_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:479:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dtemp );
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:490:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval*1.0E-9 );
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:499:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval*1.0E-9 );
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:516:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.h:137:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.h:138:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetLabel_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:430:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buff[ 10 ]; /* Buffer for keyword name */
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:561:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "PPO%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:578:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "AMDX%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:590:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "AMDY%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:655:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buff[ 10 ]; /* Buffer for keyword name */
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:721:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "PPO%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:729:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "AMDX%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:736:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "AMDY%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1444:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buff[ 11 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1469:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "PPO%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1475:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "AMDX%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1481:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "AMDY%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1801:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buff[ 11 ]; /* Buffer for item name */
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1900:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "ppo%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1914:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "amdx%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.c:1928:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name_buff, "amdy%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c1type[8]; /* 1st coordinate type code:
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:201:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c2type[8]; /* 2nd coordinate type code:
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:203:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptype[8]; /* projection type code:
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char radecsys[16]; /* Reference frame: FK4, FK4-NO-E, FK5, GAPPT*/
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysout[16]; /* Reference frame for output: FK4, FK5 */
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char center[32]; /* Center coordinates (with frame) */
data/starlink-ast-9.2.3+dfsg/src/dssmap.h:208:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_format[120]; /* search command format */
data/starlink-ast-9.2.3+dfsg/src/ellipse.c:2652:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name, AstFrame *frame, int form,
data/starlink-ast-9.2.3+dfsg/src/ellipse.h:169:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *, AstFrame *, int, const double[2],
data/starlink-ast-9.2.3+dfsg/src/error.c:252:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *message_stack[ AST__ERROR_MSTACK_SIZE ];
data/starlink-ast-9.2.3+dfsg/src/error.c:377:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 120 ]; /* Output line buffer */
data/starlink-ast-9.2.3+dfsg/src/error.c:561:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/error.c:581:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( buff, "AST: Error" );
data/starlink-ast-9.2.3+dfsg/src/error.c:586:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc += sprintf( buff + nc, " at line %d", current_line );
data/starlink-ast-9.2.3+dfsg/src/error.c:692:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/error.c:708:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( buff, "AST: Error" );
data/starlink-ast-9.2.3+dfsg/src/error.c:713:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc += sprintf( buff + nc, " at line %d", current_line );
data/starlink-ast-9.2.3+dfsg/src/error.h:174:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Message_Stack[ AST__ERROR_MSTACK_SIZE ];
data/starlink-ast-9.2.3+dfsg/src/ffitschan.c:505:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ 81 ];
data/starlink-ast-9.2.3+dfsg/src/fintramap.c:196:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( IN + i, ptr_in[ coord ],
data/starlink-ast-9.2.3+dfsg/src/fintramap.c:226:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( ptr_out[ coord ], OUT + i,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1463:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[ FITSNAMLEN + 1 ];/* Keyword name (plus terminating null). */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1546:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *type_names[9] = {"comment", "integer", "floating point",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1553:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xencod[8] = { NATIVE_STRING, FITSPC_STRING,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1637:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__FITSCHAN_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1640:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cnvtype_text[ 2*AST__FITSCHAN_FITSCARDLEN + 3 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1643:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cnvtype_text0[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1646:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cnvtype_text1[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1675:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char formatkey_buff[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1678:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fitsgetcom_sval[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1684:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char match_fmt[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1705:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char wcscelestial_type[ 4 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1854:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *IsSpectral( const char *, char[5], char[5], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1854:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *IsSpectral( const char *, char[5], char[5], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1882:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int FindFits( AstFitsChan *, const char *, char[ AST__FITSCHAN_FITSCARDLEN + 1 ], int, int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1956:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void CreateKeyword( AstFitsChan *, const char *, char [ FITSNAMLEN + 1 ], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1975:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeBanner( const char *, const char *, const char *, char [ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1975:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeBanner( const char *, const char *, const char *, char [ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1975:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeBanner( const char *, const char *, const char *, char [ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1976:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeIndentedComment( int, char, const char *, const char *, char [ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1976:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeIndentedComment( int, char, const char *, const char *, char [ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:1981:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void PreQuote( const char *, char [ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN - 3 ], int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3001:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combuf[80]; /* Buffer for FITS card comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3002:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[MXCTYPELEN];/* Latitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3003:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[MXCTYPELEN];/* Longitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3005:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2]; /* Fraction's sign character */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3006:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spectype[MXCTYPELEN];/* Spectral axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3104:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3105:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3124:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3125:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3129:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3130:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3160:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "FREQ" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3162:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "VELO" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3164:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "FELO" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3177:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-LSR" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3179:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-LSD" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3181:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-HEL" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3183:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-GEO" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3352:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference pixel on axis %d", j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3366:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Value at ref. pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3388:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Type of co-ordinate on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3410:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Units for axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3439:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%2.2d/%2.2d/%2.2d", iymdf[ 2 ], iymdf[ 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3444:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%4.4d-%2.2d-%2.2dT%2.2d:%2.2d:%2.2d.%3.3d",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3548:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combuf[80]; /* Buffer for FITS card comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3549:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[MXCTYPELEN];/* Latitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3550:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[MXCTYPELEN];/* Longitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3552:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2]; /* Fraction's sign character */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3553:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spectype[MXCTYPELEN];/* Spectral axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3664:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "FREQ" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3666:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "VELO" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3668:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "FELO" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3681:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-LSR" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3683:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-LSD" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3685:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-HEL" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3687:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype+4, "-GEO" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3856:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference pixel on axis %d", j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3870:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Value at ref. pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3892:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Type of co-ordinate on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3914:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Units for axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3971:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%2.2d/%2.2d/%2.2d", iymdf[ 2 ], iymdf[ 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3976:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%4.4d-%2.2d-%2.2dT%2.2d:%2.2d:%2.2d.%3.3d",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5321:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100]; /* Buffer for warning text */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5804:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attbuf[20]; /* Buffer for AST attribute name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5805:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combuf[80]; /* Buffer for FITS card comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5806:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[MXCTYPELEN];/* Latitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5807:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[MXCTYPELEN];/* Longitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5809:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2]; /* Fraction's sign character */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5810:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spectype[MXCTYPELEN];/* Spectral axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5888:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attbuf, "IsLonAxis(%d)", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5952:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5953:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5957:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-ATF" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5958:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-ATF" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5986:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( spectype, "FREQ" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6143:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference pixel on axis %d", j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6162:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Value at ref. pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6184:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Type of co-ordinate on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6215:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%2.2d/%2.2d/%2.2d", iymdf[ 2 ], iymdf[ 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6220:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%4.4d-%2.2d-%2.2dT%2.2d:%2.2d:%2.2d.%3.3d",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6407:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newtype[ 10 ]; /* New CTYPE value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6476:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( newtype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6486:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( newtype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6969:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( buff, odata, osize );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6972:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( cnvtype_text, "%.*g", AST__DBL_DIG, odouble );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7074:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( cnvtype_text, "%d", oint );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7077:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( buff, odata, osize );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7107:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( buff, odata, osize );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7126:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( cnvtype_text0, "%.*g", AST__DBL_DIG, ( (double *) odata )[ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7128:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( cnvtype_text1, "%.*g", AST__DBL_DIG, ( (double *) odata )[ 1 ] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7137:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( buff, odata, osize );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7153:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( cnvtype_text, "%d %d", ( (int *) odata )[ 0 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7164:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( buff, odata, osize );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7389:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[ FITSNAMLEN + 5 ];/* Keyword name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7411:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "WAT%d_%.3d", iaxis + 1, j );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7431:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "WAT%d_%.3d", iaxis + 1, j );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7545:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void CreateKeyword( AstFitsChan *this, const char *name,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7546:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ], int *status ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8082:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[ 4 ]; /* Projection code extracted from CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8083:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dist[ 4 ]; /* Distortion code extracted from CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8084:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[ 250 ]; /* Buffer for warning message */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8085:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[ 5 ]; /* Axis type extracted from CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8760:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pltdecsn[11]; /* First 10 non-blank characters from PLTDECSN keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8761:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[10]; /* Buffer for keyword name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8821:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( keyname, "AMDX%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8824:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( keyname, "AMDY%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9141:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buf, "%*.*E", width, ldigits - 1, value );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9143:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buf, "%*.*G", width, ldigits, value );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9394:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf( buf, "%*d", FITSRLCOL - col + 1,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9442:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rlen = sprintf( buf, "%*d", FITSRLCOL - col + 1,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9451:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
ilen = sprintf( buf + rlen, "%*d", FITSIMCOL - FITSRLCOL + 1,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9958:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char algcode[5];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9959:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stype[5];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:10432:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr_name[15];/* Attribute name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:10459:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr_name, "Symbol(%d)", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:10496:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr_name, "Symbol(%d)", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:10951:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*item)[si][i][jm] = (char *) astFree( (void *) (*item)[si][i][jm] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:10955:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*item)[si][i] = (char **) astFree( (void *) (*item)[si][i] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:10960:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*item)[si] = (char ***) astFree( (void *) (*item)[si] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11123:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if( len >= 0 && ( nc = sprintf( formatkey_buff + len, "%d", c1 ) ) >= 0 ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11132:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if( len >= 0 && ( nc = sprintf( formatkey_buff + len, "_%d", c2 ) ) >= 0 ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11143:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if( len >= 0 && ( nc = sprintf( formatkey_buff + len, "%c", s ) ) >= 0 ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11231:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 20 ]; /* Buffer for axis label */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11254:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "Pixel axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13219:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13244:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%%d%c", latax, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13246:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%%d", latax );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13252:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%%d%c", lonax, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13254:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%%d", lonax );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13275:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d%c", latax, m, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13277:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d", latax, m );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13305:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d%c", latax, m, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13307:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d", latax, m );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13321:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d%c", lonax, m, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13323:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d", lonax, m );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13344:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d%c", lonax, m, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13346:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PV%d_%d", lonax, m );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13400:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100]; /* Buffer for condition name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13836:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int FindFits( AstFitsChan *this, const char *name,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13837:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 1 ], int inc, int *status ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16187:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16206:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16241:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16250:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16259:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16268:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16277:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16286:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16295:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16304:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16313:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16322:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16331:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16345:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16354:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16363:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17020:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Buffer for formatting values */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17207:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cont = ( ((char *) data)[ ChrLen( data, status ) - 1 ] == '&' );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17231:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cont = ( ( (char *) data)[ ChrLen( data, status ) - 1 ] == '&' );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17271:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%d", *( (int *) data ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17278:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%.*g", AST__DBL_DIG, *( (double *) data ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17756:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 100 ]; /* Buffer large enough to store formatted INT_MAX */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17932:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", INT_MAX );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18112:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combuf[80]; /* Buffer for FITS card comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18113:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[MXCTYPELEN];/* Latitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18114:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[MXCTYPELEN];/* Longitude axis CTYPE */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18116:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2]; /* Fraction's sign character */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18182:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18183:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18202:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18203:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18207:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lontype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18208:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( lattype + 4, "-NCP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18249:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18259:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Value at ref. pixel on axis %d", j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18279:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Type of co-ordinate on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18306:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Units for axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18333:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%2.2d/%2.2d/%2.2d", iymdf[ 2 ], iymdf[ 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18338:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%4.4d-%2.2d-%2.2dT%2.2d:%2.2d:%2.2d.%3.3d",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18761:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cellname[ 20 ]; /* Buffer for cell name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18762:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ 20 ]; /* Buffer for column name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18953:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( colname, "COORDS%d", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18972:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cellname, "COORDS%d(1)", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18996:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( colname, "INDEX%d", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19003:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cellname, "INDEX%d(1)", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19051:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( colname, "COORDS%d", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19062:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cellname, "COORDS%d(1)", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19076:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( colname, "INDEX%d", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19079:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cellname, "INDEX%d(1)", iwcs + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19508:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *IsSpectral( const char *ctype, char stype[5], char algcode[5], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19508:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *IsSpectral( const char *ctype, char stype[5], char algcode[5], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19508:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *IsSpectral( const char *ctype, char stype[5], char algcode[5], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19508:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *IsSpectral( const char *ctype, char stype[5], char algcode[5], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19790:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fexps[ 1 ]; /* Forward MathMap expressions */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19791:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *iexps[ 1 ]; /* Inverse MathMap expressions */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19892:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char forexp[ 12 + AST__DBL_WIDTH*2 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19893:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char invexp[ 12 + AST__DBL_WIDTH*2 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19894:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fexps[ 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19895:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *iexps[ 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19908:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( forexp, "s=%.*g*exp(w/%.*g)", AST__DBL_DIG, crv, AST__DBL_DIG, crv );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19909:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( invexp, "w=%.*g*log(s/%.*g)", AST__DBL_DIG, crv, AST__DBL_DIG, crv );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19985:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeBanner( const char *prefix, const char *middle,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19985:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeBanner( const char *prefix, const char *middle,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19986:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *suffix,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19987:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char banner[ AST__FITSCHAN_FITSCARDLEN -
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20192:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "%.*s(1)", (int) astChrLen( col ), col );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20252:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "%.*s(1)", (int) astChrLen( col ), col );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20394:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 1 ]; /* A FITS header card */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20395:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char equinox_attr[ 13 ];/* Name of Equinox attribute for sky axes */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20396:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_attr[ 12 ]; /* Name of System attribute for sky axes */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20583:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CRVAL1 = %.*g", AST__DBL_DIG,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20586:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CRVAL2 = %.*g", AST__DBL_DIG,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20589:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "MJD-OBS = %.*g", AST__DBL_DIG,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20655:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( system_attr, "System(%d)", ilon + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20662:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( equinox_attr, "Equinox(%d)", ilon + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20745:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeIndentedComment( int indent, char token,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20746:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *comment, const char *data,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20746:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *comment, const char *data,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20747:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[ AST__FITSCHAN_FITSCARDLEN -
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20881:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 1 ]; /* Character buffer for FITS card data */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:21854:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( match_fmt, "%%%dd", (int) ( a - test ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:22760:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23328:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80]; /* Text buffer */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23563:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buf, "AXIS%d", iax + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23579:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "Type of co-ordinate on axis %d", iax + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23678:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combuf[80]; /* Buffer for FITS card comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23679:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[10]; /* Buffer for keyword name string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23680:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char primsys[20]; /* Buffer for primnary RADECSYS value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23681:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[MXCTYPELEN];/* Buffer for CTYPE value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23683:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2]; /* Fraction's sign character */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23790:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "PC%.3d%.3d", i + 1, j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23831:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Pixel scale on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23833:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CDELT%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23835:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dELT%d", is, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23848:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference pixel on axis %d", j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23850:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CRPIX%d", j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23852:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dPIX%d", is, j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23865:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Value at ref. pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23867:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CRVAL%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23869:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dVAL%d", is, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23885:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Type of co-ordinate on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23889:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CTYPE%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23891:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dYPE%d", is, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23911:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( type + 4, "-GLS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23930:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Units for axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23932:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CUNIT%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23934:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dNIT%d", is, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24015:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%2.2d/%2.2d/%2.2d", iymdf[ 2 ], iymdf[ 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24020:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%4.4d-%2.2d-%2.2dT%2.2d:%2.2d:%2.2d.%3.3d",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24117:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void PreQuote( const char *value,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24118:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN - 3 ], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24430:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void PutFits( AstFitsChan *this, const char card[ AST__FITSCHAN_FITSCARDLEN + 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25005:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 11 ]; /* FITS keyword template buffer */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25035:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buf, "CRVAL%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25037:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "CRVAL%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25570:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( text, "0.0" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25827:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[10];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25858:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CO%d_%d", i + 1, m + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26742:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*item)[si] = (char ***) astGrow( (void *) (*item)[si], i + 1,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26764:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*item)[si][i] = (char **) astGrow( (void *) (*item)[si][i],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26781:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*item)[si][i][jm] = (char *) astStore( (void *) (*item)[si][i][jm],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26835:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 2 ]; /* Buffer for source line */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26836:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26851:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen( source_file, "r" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27244:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 1]; /* Buffer for header card */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27433:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int latax, char s, FitsStore *store, double *dim,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27553:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27868:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buf + 8, "-SIP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:27876:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buf + 8, "-SIP" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28544:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[20]; /* Buffer for AST attribute name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28545:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[80]; /* Buffer for keyword comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28546:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[MXCTYPELEN];/* Latitude axis CTYPE value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28547:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[MXCTYPELEN];/* Longitude axis CTYPE value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28689:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "OFLN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28690:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "OFLT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28692:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "RA--" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28693:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "DEC-" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28695:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "ELON" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28696:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "ELAT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28698:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "HLON" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28699:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "HLAT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28701:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "GLON" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28702:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "GLAT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28704:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "SLON" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28705:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "SLAT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28707:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype, "AZ--" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28708:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype, "EL--" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28766:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr, "Symbol(%d)", axlon + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28770:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr, "Symbol(%d)", axlat + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28777:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr, "SkyRef(%d)", axlon + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28779:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr, "SkyRef(%d)", axlat + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28782:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr, "SkyRefP(%d)", axlon + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28784:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( attr, "SkyRefP(%d)", axlat + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29035:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctype[ MXCTYPELEN ]; /* The value for the FITS CTYPE keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29036:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lin_unit[ 20 ]; /* Linear spectral Units being used */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29037:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig_system[ 40 ]; /* Value of System attribute for current WCS axis */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29038:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_attr[ 10 ]; /* Name of System attribute for current WCS axis */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29039:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit_attr[ 10 ]; /* Name of Unit attribute for current WCS axis */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29041:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *x_sys[ 4 ]; /* Basic spectral systems */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29123:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( system_attr, "System(%d)", iax + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29129:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( unit_attr, "Unit(%d)", iax + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29250:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( ctype + 4, "-F2" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29252:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( ctype + 4, "-W2" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29254:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( ctype + 4, "-A2" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29256:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( ctype + 4, "-V2" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29338:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( ctype + 4, "-LOG" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29491:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( ctype + 4, "-TAB" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29843:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[ 50 ]; /* scanf format string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29844:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[ FITSNAMLEN + 5 ];/* General keyword name + formats */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29845:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[MXCTYPELEN]; /* CTYPE value for latitude axis */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29846:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[MXCTYPELEN]; /* CTYPE value for longitude axis */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29847:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prj[6]; /* Spatial projection string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29849:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spectype[MXCTYPELEN]; /* CTYPE value for spectral axis */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29850:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sprj[6]; /* Spectral projection string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29852:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template[ FITSNAMLEN + 1 ];/* General keyword name template */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29905:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "CTYPE%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29907:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "CTYPE%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30022:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "CDELT%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30024:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "CDELT%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30057:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "PC%%d_%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30059:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "PC%d_%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30075:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CD%.3d%.3d", j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30097:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "CD%%d_%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30099:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "CD%d_%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30150:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "CDELT%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30152:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "CDELT%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30177:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "PC%.3d%.3d", j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30301:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dVAL%d", m, i );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30306:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CRVAL%d%c", i, ss );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30321:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dPIX%d", m, i );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30326:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CRPIX%d%c", i, ss );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30341:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dYPE%d", m, i );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30346:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CTYPE%d%c", i, ss );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30361:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dNIT%d", m, i );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30366:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CUNIT%d%c", i, ss );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30389:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "C%dELT%d", m, j + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30409:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CDELT%d%c", j + 1, ss );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30417:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "PC%.3d%.3d", j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30496:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( keyname, "DATE-OBS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30501:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( keyname, "MJD-OBS" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30528:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( prj, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30529:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30533:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30554:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-SIN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30558:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-SIN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30578:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-AIT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30582:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-AIT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30595:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-SFL" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30599:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-SFL" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30611:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CRVAL%d", axlon + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30616:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "CRVAL%d", axlat + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30644:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "QV%%d_%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30646:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "QV%d_%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30652:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( prj, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30653:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30657:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30691:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( prj, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30692:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30696:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30710:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-ZPN-ZPX" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30714:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-ZPN-ZPX" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30731:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( format, "projp%d=", iproj );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30734:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( format, "projp%d=%%lf", iproj );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30753:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lontype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30757:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( lattype + 4, "-TPN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30836:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "RESTFREQ%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30838:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( keyname, "RESTFREQ" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30859:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyname, "RESTFRQ%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30861:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( keyname, "RESTFRQ" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30875:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "CTYPE%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30877:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "CTYPE%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30901:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( template, "CUNIT%%d%c", s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:30903:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( template, "CUNIT%d" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31040:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255]; /* Buffer for warning text */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31504:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 1 ]; /* Buffer for header card */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31625:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CRPIX%d = 0", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31627:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CDELT%d = 0.0003", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31630:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CTYPE%d = 'RA---TAN'", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31632:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CTYPE%d = 'DEC--TAN'", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31634:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CTYPE%d = 'DUMMY'", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31638:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CRVAL%d = %.*g", i + 1, AST__DBL_DIG, AST__DR2D*ptr2[ ilon ][ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31640:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CRVAL%d = %.*g", i + 1, AST__DBL_DIG, AST__DR2D*ptr2[ ilat ][ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31642:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( card, "CRVAL%d = 0.0", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:32286:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[21];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:32371:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "PS%d_0%c", iaxis + 1, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:32395:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "PS%d_1%c", iaxis + 1, s );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33396:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 200 ]; /* Buffer for warning message */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33797:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ AST__FITSCHAN_FITSCARDLEN + 1 ]; /* Buffer for new card text */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34379:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300]; /* Text buffer */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34380:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char latctype[MXCTYPELEN];/* Latitude CTYPE keyword value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34381:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char latkey[10]; /* Latitude CTYPE keyword name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34382:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lattype[4]; /* Buffer for celestial system */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34383:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lonctype[MXCTYPELEN];/* Longitude CTYPE keyword value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34384:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lonkey[10]; /* Longitude CTYPE keyword name */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34385:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lontype[4]; /* Buffer for celestial system */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34459:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "Axis type keywords (CTYPE, etc) were not found "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34472:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( wcscelestial_type, "EQU" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34475:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( wcscelestial_type, "AZL" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34539:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( wcscelestial_type, "EQU" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34542:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( wcscelestial_type, "AZL" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35041:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200]; /* Buffer for warning message */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35740:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combuf[80]; /* Buffer for FITS card comment */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35741:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parprefix[4]; /* Prefix for projection parameter keywords */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35743:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2]; /* Fraction's sign character */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35745:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[MXCTYPELEN];/* Buffer for CTYPE value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35834:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( parprefix, "PV" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35846:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35859:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Value at ref. pixel on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35878:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Type of co-ordinate on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35894:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( parprefix, "QV" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35896:20: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy( type + nc - 4, "-TAN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35920:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Description of axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35956:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Pixel size on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35985:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Units for axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35999:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Reference WCS value on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36019:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Sky reference position on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36032:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "Sky primary meridian position on axis %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36051:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%2.2d/%2.2d/%2.2d", iymdf[ 2 ], iymdf[ 1 ],
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36056:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( combuf, "%4.4d-%2.2d-%2.2dT%2.2d:%2.2d:%2.2d.%3.3d",
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36204:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( parprefix, "A_" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36208:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( parprefix, "B_" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36242:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( parprefix, "AP_" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36246:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( parprefix, "BP_" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36528:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[2]; /* ID string for returned Frame */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36529:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iwc[5]; /* Domain name for IWC Frame */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36565:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( iwc, "IWC" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:36905:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[150]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37008:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "The original FITS header specified a fiducial "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37269:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[150]; /* Buffer for warning message */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37301:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "The original FITS header did not specify the "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37391:22: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "The original FITS header did not specify "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37510:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 101 ]; /* Buffer for textual attribute value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37511:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[ 100 ]; /* Buffer for textual attribute value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37512:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[ 20 ]; /* Buffer for default CTYPE value */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37623:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf3, "AXIS%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37633:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf2, "%.*s", len - 4, ckeyval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37638:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf2, "%.*s", len, ckeyval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37895:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300]; /* Text buffer */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37896:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sym[10]; /* Axis symbol */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38011:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "The original FITS header did not specify the "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38035:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "The original FITS header did not specify the "
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38081:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( sym + 1, "LON" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38083:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( sym + 1, "LAT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38086:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( sym + 2, "LN" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38088:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( sym + 2, "LT" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38259:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char algcode[ 5 ]; /* Displayed spectral type string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38260:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stype[ 5 ]; /* Displayed spectral type string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39071:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char banner[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ]; /* Buffer for begin/end banner */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39290:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39292:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39421:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39489:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39491:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39679:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39759:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39761:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39894:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39978:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[ AST__FITSCHAN_FITSCARDLEN + 1]; /* Buffer for header card */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39979:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:39994:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen( sink_file, "w" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:40158:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN - 3 ]; /* Buffer for a single substring */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:40159:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff2[ AST__FITSCHAN_FITSCARDLEN - FITSNAMLEN - 3 ]; /* Buffer for pre-quoted string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:40161:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ FITSNAMLEN + 1 ]; /* Buffer for FITS keyword */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:40274:69: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static AstMapping *ZPXMapping( AstFitsChan *this, FitsStore *store, char s,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42251:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42399:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Nm%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42406:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Ty%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42413:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Fl%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42421:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42425:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42429:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42433:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42437:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Dr%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42440:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Di%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42444:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Dr%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42447:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Di%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42455:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Cm%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43319:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43481:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ty%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43496:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "nm%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43503:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43507:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43511:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43515:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dt%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43519:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dr%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43521:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "di%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43525:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dr%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43527:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "di%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43536:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "fl%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43542:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "dl%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:43547:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "cm%d", ncard );
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:233:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int (* FindFits)( AstFitsChan *, const char *, char [81], int, int * );
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:380:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__FITSCHAN_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:381:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CnvType_Text[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:382:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CnvType_Text0[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:383:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CnvType_Text1[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:390:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FormatKey_Buff[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:391:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FitsGetCom_Sval[ AST__FITSCHAN_FITSCARDLEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:393:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Match_Fmt[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:400:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char WcsCelestial_Type[ 4 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.h:458:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astFindFits_( AstFitsChan *, const char *, char [81], int, int * );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:431:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ AST__MXCOLKEYLEN + 1 ]; /* Current cell key string */
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:805:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pout, cbuf, nb );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:930:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 50 ];
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:932:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:960:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TFORM%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1006:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TTYPE%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1008:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "FCOLUMN%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1014:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TUNIT%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1026:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TDIM%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1076:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TFORM%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1080:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TDIM%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1089:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TSCAL%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1097:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TSCAL%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1108:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TNULL%d", icol + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1230:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ AST__MXCOLKEYLEN + 1 ]; /* Current cell key string */
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1401:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pout, pnull, nb );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1694:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuf[ 40 ];
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1705:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( rbuf, "%d", irow );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1946:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ AST__MXCOLKEYLEN + 1 ]; /* Current cell key string */
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2170:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2172:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyword[ 14 ];
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2268:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( buf, "%d", nel );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2272:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf + nc, "%c", code );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2273:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TFORM%d", icol );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2277:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TTYPE%d", icol );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2282:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TUNIT%d", icol );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2293:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TNULL%d", icol );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2306:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( dimbuf, "(%d", dims[ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2308:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( dimbuf, "(%d,%d", slen, dims[ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2313:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc += sprintf( dimbuf + nc, ",%d", dims[ idim ] );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2319:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( keyword, "TDIM%d", icol );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:199:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__FLUXFRAME_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:200:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getlabel_buff[ AST__FLUXFRAME_GETLABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:201:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getsymbol_buff[ AST__FLUXFRAME_GETSYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:202:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff[ AST__FLUXFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:934:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3789:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 20 ]; /* Buffer for item name */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3790:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[ 50 ]; /* Buffer for comment */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:4163:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 20 ]; /* Buffer for item name */
data/starlink-ast-9.2.3+dfsg/src/fluxframe.h:138:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__FLUXFRAME_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.h:139:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetLabel_Buff[ AST__FLUXFRAME_GETLABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.h:140:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetSymbol_Buff[ AST__FLUXFRAME_GETSYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/fluxframe.h:141:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff[ AST__FLUXFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:782:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:785:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *astformatid_strings[ ASTFORMATID_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:794:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char label_buff[ LABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:797:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char symbol_buff[ SYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:800:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char title_buff[ TITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:803:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char astfmtdecimalyr_buff[ ASTFMTDECIMALYR_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.c:2166:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pfrm_attrib[ 100 ]; /* Primary Frame attribute */
data/starlink-ast-9.2.3+dfsg/src/frame.c:2468:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( axis_attrib ) memcpy( axis_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/frame.c:2474:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( axis_attrib + len, "(1)" );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4236:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( astfmtdecimalyr_buff, "%#.*g", digits, year );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4784:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pfrm_attrib[ 100 ]; /* Primary Frame attribute */
data/starlink-ast-9.2.3+dfsg/src/frame.c:4851:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", digits );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4874:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", digits );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4886:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", direction );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4909:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4920:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4948:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", match_end );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4957:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", max_axes );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4966:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", min_axes );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4973:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", naxes );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4981:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", permute );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4990:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", preserve_axes );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5116:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5125:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5134:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5247:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( axis_attrib ) memcpy( axis_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5253:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( axis_attrib + len, "(1)" );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5386:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( label_buff, "Axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:5439:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( symbol_buff, "%.*s%d",
data/starlink-ast-9.2.3+dfsg/src/frame.c:5440:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
SYMBOL_BUFF_LEN - sprintf( symbol_buff, "%d", axis + 1 ),
data/starlink-ast-9.2.3+dfsg/src/frame.c:5492:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( title_buff, "%d-d coordinate system", astGetNaxes( this ) );
data/starlink-ast-9.2.3+dfsg/src/frame.c:8534:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmonth[ 4 ]; /* Buffer for name of month */
data/starlink-ast-9.2.3+dfsg/src/frame.c:8535:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep1[ 2 ]; /* Year/month separator string */
data/starlink-ast-9.2.3+dfsg/src/frame.c:8536:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep2[ 2 ]; /* Month/day separator string */
data/starlink-ast-9.2.3+dfsg/src/frame.c:8537:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep3[ 2 ]; /* Hour/minute separator string */
data/starlink-ast-9.2.3+dfsg/src/frame.c:8538:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep4[ 2 ]; /* Minute/second separator string */
data/starlink-ast-9.2.3+dfsg/src/frame.c:8802:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lcmonth[ 4 ]; /* Lower case copy of month string */
data/starlink-ast-9.2.3+dfsg/src/frame.c:9642:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pfrm_attrib[ 100 ]; /* Primary Frame attribute */
data/starlink-ast-9.2.3+dfsg/src/frame.c:10075:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pfrm_attrib, "%.*s(%d)", axis_nc, setting, paxis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:10141:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( axis_setting ) memcpy( axis_setting, setting, len );
data/starlink-ast-9.2.3+dfsg/src/frame.c:10147:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( axis_setting + ( equals - setting ), "(1)" );
data/starlink-ast-9.2.3+dfsg/src/frame.c:10959:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pfrm_attrib[ 100 ]; /* Primary Frame attribute */
data/starlink-ast-9.2.3+dfsg/src/frame.c:11263:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( axis_attrib ) memcpy( axis_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/frame.c:11269:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( axis_attrib + len, "(1)" );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13795:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment strings */
data/starlink-ast-9.2.3+dfsg/src/frame.c:13796:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/frame.c:13922:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Lbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13923:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Label for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13933:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Sym%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13934:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Symbol for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14012:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Units for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14017:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Uni%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14039:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Dig%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14040:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Individual precision for axis %d",
data/starlink-ast-9.2.3+dfsg/src/frame.c:14066:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Fmt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14067:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Format specifier for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14079:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Dir%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14095:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Bot%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14107:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Top%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14198:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Prm%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14200:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/frame.c:14204:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Axis %d not permuted", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14226:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Ax%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14227:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Axis number %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14592:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/frame.c:14675:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "ax%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14687:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "lbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14696:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "sym%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14705:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "fmt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14714:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "uni%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14723:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "dir%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14731:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "top%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14739:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "bot%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14747:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "dig%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:14757:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "prm%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.h:846:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__FRAME_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.h:847:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *AstFormatID_Strings[ AST__FRAME_ASTFORMATID_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/frame.h:850:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Label_Buff[ AST__FRAME_LABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.h:851:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Symbol_Buff[ AST__FRAME_SYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.h:852:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Title_Buff[ AST__FRAME_TITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frame.h:853:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AstFmtDecimalYr_Buff[ AST__FRAME_ASTFMTDECIMALYR_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frameset.c:845:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__FRAMESET_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frameset.c:859:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getallvariants_buff[ AST__FRAMESET_GETALLVARIANTS_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4815:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", base );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4829:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", current );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4848:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", invert );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4857:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nframe );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4866:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nin );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4875:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nobject );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4884:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nout );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4893:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ref_count );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4902:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", report );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4911:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", tranforward );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:4920:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", traninverse );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12415:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12416:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12491:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Nod%d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12492:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12509:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "VFr%d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12510:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12525:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Lnk%d", inode + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12526:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12540:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Inv%d", inode + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12550:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Frm%d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12551:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Frame number %d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12560:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Map%d", inode + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12561:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Mapping between nodes %d and %d",
data/starlink-ast-9.2.3+dfsg/src/frameset.c:12983:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/frameset.c:13078:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "frm%d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:13083:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "nod%d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:13088:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "vfr%d", ifr );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:13097:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "lnk%d", inode + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:13102:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "inv%d", inode + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:13107:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "map%d", inode + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.h:540:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__FRAMESET_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/frameset.h:541:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAllVariants_Buff[ AST__FRAMESET_GETALLVARIANTS_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/grf3d.c:80:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DText( const char *text, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d.c:80:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DText( const char *text, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d.c:86:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DTxExt( const char *text, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d.c:86:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DTxExt( const char *text, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d.h:65:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DText( const char *, float[3], const char *, float[3], float[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d.h:65:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DText( const char *, float[3], const char *, float[3], float[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d.h:66:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DTxExt( const char *, float[3], const char *, float[3], float[3], float *, float *, float *, float[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d.h:66:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DTxExt( const char *, float[3], const char *, float[3], float[3], float *, float *, float *, float[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:109:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int Text( int *, int, float[3], const char *, float[3], float[3], float[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:111:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int TxExt( int *, int, float[3], const char *, float[3], float[3], float[3], float *, float *, float *, float[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:112:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int getTextAxes( float[3], float[3], float[3], const char *, float[3], float[3], float[3], char[3] );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:639:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char just[3];
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:783:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DText( const char *text, float ref[3], const char *just, float up[3],
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:783:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DText( const char *text, float ref[3], const char *just, float up[3],
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:844:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newjust[3];
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:863:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DTxExt( const char *text, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:863:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int astG3DTxExt( const char *text, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:942:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newjust[3];
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1070:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cam->target_vector, target, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1071:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cam->eye_vector, eye, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1103:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cam->up_vector, v, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1169:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( target ) memcpy( target, cam->target_vector, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1170:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( eye) memcpy( eye, cam->eye_vector, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1171:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( up ) memcpy( up, cam->up_vector, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1461:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cam->w2c_matrix, newmat, sizeof(float)*9 );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:1468:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cam->up_vector, newmat + 3, 3*sizeof( float ) );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2109:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int Text( int *list, int nlist, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2301:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int TxExt( int *list, int nlist, float ref[3], const char *just,
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2570:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *just, float tx[3], float ty[3],
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2571:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
float tz[3], char newjust[3] ){
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2640:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( newjust, "CC" );
data/starlink-ast-9.2.3+dfsg/src/grf_pgplot.c:570:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lj[ 2 ];
data/starlink-ast-9.2.3+dfsg/src/grf_pgplot.c:808:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lj[ 2 ];
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:342:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:851:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:858:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:865:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:872:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:879:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:886:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:893:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:900:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/grismmap.h:172:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/keymap.c:416:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__KEYMAP_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/keymap.c:419:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *convertvalue_strings[ AST__KEYMAP_CONVERTVALUE_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/keymap.c:428:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char convertvalue_buff[ AST__KEYMAP_CONVERTVALUE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/keymap.c:431:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *mapkey_strings[ AST__KEYMAP_MAPKEY_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1739:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( convertvalue_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1784:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( convertvalue_buff, "%d", (int) sval );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1829:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( convertvalue_buff, "%d", (int) bval );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1877:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
n1 = sprintf( convertvalue_buff, "%.*g", DBL_DIG - 2, dval );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1878:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
n2 = sprintf( convertvalue_buff, "%.*g", DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1880:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( convertvalue_buff, "%.*g", DBL_DIG - 2, dval );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1929:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( convertvalue_buff, "%.*g", FLT_DIG, fval );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2581:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[20]; /* Buffer for item names */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2591:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Key%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2596:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Com%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2638:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Typ%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2643:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Nel%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2650:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2655:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2664:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2669:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2678:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2683:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2693:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2700:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2710:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2715:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2724:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2729:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2739:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2746:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "V%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:3058:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:3067:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:3076:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:3085:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4142:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4476:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4699:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4805:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
MAKE_MAPPUT1(C,const char *const,AST__STRINGTYPE,astStore(NULL,value[i],strlen(value[i])+1))
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4859:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5003:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5212:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5382:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5653:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5854:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:6054:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:6526:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:6723:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:6915:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7122:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7233:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7310:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7382:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldkeybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7384:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newkeybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7589:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7789:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7955:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */ \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:8259:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[ AST__MXKEYLEN + 1 ]; /* Buffer for upper cas key */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10616:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 30 ]; /* Buffer for key names */
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10728:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "key%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10735:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "com%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10739:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "typ%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10749:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "nel%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10755:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "mem%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10764:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10776:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10790:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10796:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10806:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10812:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10822:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10828:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10838:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10844:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10854:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10861:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10874:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "val%d", nentry );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:10881:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "v%d_%d", nentry, index + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.h:259:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__KEYMAP_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/keymap.h:260:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ConvertValue_Strings[ AST__KEYMAP_CONVERTVALUE_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/keymap.h:263:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ConvertValue_Buff[ AST__KEYMAP_CONVERTVALUE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/keymap.h:264:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *MapKey_Strings[ AST__KEYMAP_MAPKEY_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:198:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:488:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", lutinterp );
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:497:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, luteps );
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:1972:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:2014:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "L%d", ilut + 1 );
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:2513:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:2581:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "l%d", ilut + 1 );
data/starlink-ast-9.2.3+dfsg/src/lutmap.h:206:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/mapping.c:565:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1501:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", invert );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1510:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", islinear );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1519:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", issimple );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1528:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nin );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1537:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nout );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1546:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", report );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1555:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", tran_forward );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:1564:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", tran_inverse );
data/starlink-ast-9.2.3+dfsg/src/mapping.h:576:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__MAPPING_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:555:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:3615:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:3624:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:3633:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:5974:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment strings */
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:5975:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword strings */
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:6025:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Fwd%d", ifun + 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:6026:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Forward function %d", ifun + 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:6043:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Inv%d", ifun + 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:6044:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Inverse function %d", ifun + 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:7279:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword strings */
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:7357:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "fwd%d", ifun + 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:7365:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "inv%d", ifun + 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.h:273:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:251:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *Form[3] = { "Full", "Diagonal", "Unit" }; /* Text values
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:3342:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( astOK ) memcpy( scales2, scales,
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:3659:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( (void *) new_matrix, (const void *) this_matrix,
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:5225:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( ptr_out[ out_coord ],
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:5264:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( ptr_out[ out_coord ], (const void *) outdata,
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:5564:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:5600:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "M%d", el );
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:5611:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "IM%d", el );
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:6149:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:6231:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "m%d", el );
data/starlink-ast-9.2.3+dfsg/src/matrixmap.c:6247:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "im%d", el );
data/starlink-ast-9.2.3+dfsg/src/memory.c:708:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000]; /* A large buffer for the expanded "str2" */
data/starlink-ast-9.2.3+dfsg/src/memory.c:2879:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/memory.c:3048:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stemp[10];
data/starlink-ast-9.2.3+dfsg/src/memory.c:3383:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stemp, ".*($%d).*", dollar );
data/starlink-ast-9.2.3+dfsg/src/memory.c:3666:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/memory.c:3714:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result, ptr, mem->size );
data/starlink-ast-9.2.3+dfsg/src/memory.c:3716:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result, ptr, size );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4096:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( new, data, size );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4179:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( result, chars, (size_t) nchars );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4293:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( out_str, in_str, (size_t) len );
data/starlink-ast-9.2.3+dfsg/src/memory.c:5575:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen( "memory.dump", "w" );
data/starlink-ast-9.2.3+dfsg/src/memory.h:168:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[50];/* The source file that made the top-level call to AST */
data/starlink-ast-9.2.3+dfsg/src/moc.c:371:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/moc.c:3902:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/moc.c:3916:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/moc.c:3925:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/moc.c:3935:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/moc.c:3944:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/moc.c:3953:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/moc.c:3962:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4423:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( data, this->inorm, nbyte );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4425:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( data, this->knorm, nbyte );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4817:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buf, pc + 1, pwrite - buf ); \
data/starlink-ast-9.2.3+dfsg/src/moc.c:4847:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[ 30 ];
data/starlink-ast-9.2.3+dfsg/src/moc.c:4909:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( token, ",%zu", npix );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4920:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( token, "-%zu", npix_prev );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4933:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( token, "-%zu", npix_prev );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4938:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( token, ",%zu", npix );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4952:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( token, "-%zu", npix );
data/starlink-ast-9.2.3+dfsg/src/moc.c:7550:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen( "path.asc", "w" );
data/starlink-ast-9.2.3+dfsg/src/moc.c:8724:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( data2->string, buf, nc );
data/starlink-ast-9.2.3+dfsg/src/moc.c:9943:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[50]; /* Name for output item */
data/starlink-ast-9.2.3+dfsg/src/moc.c:10006:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "I%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10010:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "J%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10017:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "K%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10021:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "L%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10461:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[50]; /* Buffer for item name */
data/starlink-ast-9.2.3+dfsg/src/moc.c:10539:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "i%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10541:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "j%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10545:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "k%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10547:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "l%d", irange );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10763:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen( "corners.asc", "w" );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10791:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen( "cells.asc", "w" );
data/starlink-ast-9.2.3+dfsg/src/moc.c:10854:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen( fname, "w" );
data/starlink-ast-9.2.3+dfsg/src/moc.h:183:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/mocchan.c:130:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xencod[8] = { JSON_STRING, STRING_STRING };
data/starlink-ast-9.2.3+dfsg/src/mocchan.c:169:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/mocchan.c:450:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/mocchan.h:130:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__MOCCHAN_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/object.c:315:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hrdel[ MAXLEN_TUNEC ] = "%-%^50+%s70+h%+";
data/starlink-ast-9.2.3+dfsg/src/object.c:316:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mndel[ MAXLEN_TUNEC ] = "%-%^50+%s70+m%+";
data/starlink-ast-9.2.3+dfsg/src/object.c:317:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char scdel[ MAXLEN_TUNEC ] = "%-%^50+%s70+s%+";
data/starlink-ast-9.2.3+dfsg/src/object.c:318:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dgdel[ MAXLEN_TUNEC ] = "%-%^53+%s60+o%+";
data/starlink-ast-9.2.3+dfsg/src/object.c:319:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char amdel[ MAXLEN_TUNEC ] = "%-%^20+%s85+'%+";
data/starlink-ast-9.2.3+dfsg/src/object.c:320:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char asdel[ MAXLEN_TUNEC ] = "%-%^20+%s85+\"%+";
data/starlink-ast-9.2.3+dfsg/src/object.c:321:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exdel[ MAXLEN_TUNEC ] = "10%-%^50+%s70+";
data/starlink-ast-9.2.3+dfsg/src/object.c:423:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__GETATTRIB_BUFF_LEN + 1 ] = "";
data/starlink-ast-9.2.3+dfsg/src/object.c:426:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *astgetc_strings[ AST__ASTGETC_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/object.c:566:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/starlink-ast-9.2.3+dfsg/src/object.c:568:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"annulled (refcnt: %d -> %d)", rc, rc-1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:1300:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/starlink-ast-9.2.3+dfsg/src/object.c:1302:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"cloned (refcnt: %d -> %d)", rc, rc+1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:1403:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( (void *) new, (const void *) this, this->size );
data/starlink-ast-9.2.3+dfsg/src/object.c:1843:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/object.c:2149:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", usedefs );
data/starlink-ast-9.2.3+dfsg/src/object.c:2158:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", nobject );
data/starlink-ast-9.2.3+dfsg/src/object.c:2167:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%zu", objsize );
data/starlink-ast-9.2.3+dfsg/src/object.c:2176:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ref_count );
data/starlink-ast-9.2.3+dfsg/src/object.c:3845:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( setting, attrib, (size_t) len ); \
data/starlink-ast-9.2.3+dfsg/src/object.c:3911:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( setting, attrib, (size_t) len );
data/starlink-ast-9.2.3+dfsg/src/object.c:3916:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
(void) strcat( setting, "=%*s" );
data/starlink-ast-9.2.3+dfsg/src/object.c:4675:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[ ERRBUF_LEN ]; /* Buffer for system error message */
data/starlink-ast-9.2.3+dfsg/src/object.c:4676:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setting_buf[ MIN_BUFF_LEN ]; /* Expanded "%s" settting string */
data/starlink-ast-9.2.3+dfsg/src/object.c:6748:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/starlink-ast-9.2.3+dfsg/src/object.c:7880:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/starlink-ast-9.2.3+dfsg/src/object.c:8349:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/starlink-ast-9.2.3+dfsg/src/object.c:8757:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/starlink-ast-9.2.3+dfsg/src/object.c:8811:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char list[80], buf[200];
data/starlink-ast-9.2.3+dfsg/src/object.c:8849:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/starlink-ast-9.2.3+dfsg/src/object.c:8912:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200], hbuf[200];
data/starlink-ast-9.2.3+dfsg/src/object.c:8941:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "(index:%d <invalid>) [cur. thread: %d]", ihandle,
data/starlink-ast-9.2.3+dfsg/src/object.c:8952:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "(index:%d <invalid>)", ihandle );
data/starlink-ast-9.2.3+dfsg/src/object.c:8964:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( list, "free_handles" );
data/starlink-ast-9.2.3+dfsg/src/object.c:8968:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( list, "unowned_handles" );
data/starlink-ast-9.2.3+dfsg/src/object.c:8975:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( list, "active_handles[%d]", i );
data/starlink-ast-9.2.3+dfsg/src/object.c:8979:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if( *list == 0 ) sprintf( list, "unknown handles list with head %d",
data/starlink-ast-9.2.3+dfsg/src/object.h:672:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100]; \
data/starlink-ast-9.2.3+dfsg/src/object.h:692:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "checked (refcnt: %d)", astGetRefCount_( (AstObject *) this, status ) ); \
data/starlink-ast-9.2.3+dfsg/src/object.h:1629:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/object.h:1630:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *AstGetC_Strings[ AST__ASTGETC_MAX_STRINGS ];
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:169:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:1099:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:1110:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:1119:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:2947:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
AstPcdMapVtab *vtab, const char *name,
data/starlink-ast-9.2.3+dfsg/src/pcdmap.h:233:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/pcdmap.h:260:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *, double, const double [2], int * );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:1973:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( ptr_out[ coord ], ptr_in[ p ],
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2197:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment strings */
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2198:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword strings */
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2263:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Out%d", coord + 1 );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2271:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Output coordinate %d is \"bad\"",
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2278:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2286:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2290:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Output coordinate %d is \"bad\"",
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2318:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "In%d", coord + 1 );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2326:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Input coordinate %d is \"bad\"",
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2333:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2341:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment,
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2345:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Input coordinate %d is \"bad\"",
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2370:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Con%d", iconst + 1 );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2371:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Constant number %d", iconst + 1 );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:2993:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword strings */
data/starlink-ast-9.2.3+dfsg/src/permmap.c:3096:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "in%d", coord + 1 );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:3121:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "out%d", coord + 1 );
data/starlink-ast-9.2.3+dfsg/src/permmap.c:3153:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "con%d", iconst + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:1708:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xedge[4] = { "left", "top", "right", "bottom" };
data/starlink-ast-9.2.3+dfsg/src/plot.c:1711:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xlbling[2] = { "exterior", "interior" };
data/starlink-ast-9.2.3+dfsg/src/plot.c:1714:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xtgaptype[2] = { "box", "plot" };
data/starlink-ast-9.2.3+dfsg/src/plot.c:1978:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char splitvalue_buff[ 200 ];
data/starlink-ast-9.2.3+dfsg/src/plot.c:1979:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char stripescapes_buff[ AST__PLOT_STRIPESCAPES_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/plot.c:1980:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 200 ];
data/starlink-ast-9.2.3+dfsg/src/plot.c:6140:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if( list[ i ] ) list[ i ] = (char *) astFree( (void *) list[ i ] );
data/starlink-ast-9.2.3+dfsg/src/plot.c:6273:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if( list[ i ] ) list[ i ] = (char *) astFree( (void *) list[ i ] );
data/starlink-ast-9.2.3+dfsg/src/plot.c:6525:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[21]; /* Graphics item label */
data/starlink-ast-9.2.3+dfsg/src/plot.c:10960:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *just[ 2 ]; /* Justification string */
data/starlink-ast-9.2.3+dfsg/src/plot.c:11221:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(labellist + naxlab)->just = (char *) astStore( NULL, (void *) just[ axis ], strlen(just[ axis ]) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:12803:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fields[ MAXFLD ];
data/starlink-ast-9.2.3+dfsg/src/plot.c:13176:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
d += sprintf( d, "%%v170+" );
data/starlink-ast-9.2.3+dfsg/src/plot.c:13232:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
d += sprintf( d, "%%v100+" );
data/starlink-ast-9.2.3+dfsg/src/plot.c:13236:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
d += sprintf( d, "%%<%d+", (int) ( 60.0*( (float) nlong - rsp )) );
data/starlink-ast-9.2.3+dfsg/src/plot.c:13607:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( xp1, xp2, np*sizeof(float) );
data/starlink-ast-9.2.3+dfsg/src/plot.c:13608:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( yp1, yp2, np*sizeof(float) );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15554:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[21]; /* Graphics item label */
data/starlink-ast-9.2.3+dfsg/src/plot.c:15591:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15600:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15609:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15618:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15627:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15636:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15645:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15654:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15663:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15672:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15681:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15692:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15703:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15712:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15723:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15732:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15743:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15752:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15763:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15772:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15783:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15792:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15803:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15812:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15823:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15832:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15843:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15852:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15863:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15872:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15883:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15892:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15903:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15912:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15923:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15932:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15943:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15952:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15963:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15972:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15983:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15992:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16003:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16012:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16023:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16032:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16043:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16052:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16063:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16072:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16084:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16093:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16104:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16113:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16122:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16133:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16142:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:16153:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot.c:20932:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char just_buf[3]; /* Buffer to hold a justification string */
data/starlink-ast-9.2.3+dfsg/src/plot.c:24945:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[21]; /* Graphics item label */
data/starlink-ast-9.2.3+dfsg/src/plot.c:25739:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( b, a, sizeof( char )*nc );
data/starlink-ast-9.2.3+dfsg/src/plot.c:25918:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[21]; /* Graphics item label */
data/starlink-ast-9.2.3+dfsg/src/plot.c:26394:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ljust[3]; /* Upper case copy of "just" */
data/starlink-ast-9.2.3+dfsg/src/plot.c:26675:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( new_text ) memcpy( new_text, text, tlen );
data/starlink-ast-9.2.3+dfsg/src/plot.c:26679:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void *) text, " (", 2 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:26682:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (char *) text, units, ulen );
data/starlink-ast-9.2.3+dfsg/src/plot.c:26685:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (char *) text, ")", 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:26688:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
( (char *) text )[0] = 0;
data/starlink-ast-9.2.3+dfsg/src/plot.c:27367:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fields[ MAXFLD ]; /* Pointers to starts of fields in a label */
data/starlink-ast-9.2.3+dfsg/src/plot.c:27539:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if( oldlabels[ i ] ) oldlabels[ i ] = (char *) astFree( (void *) oldlabels[ i ] );
data/starlink-ast-9.2.3+dfsg/src/plot.c:27560:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if( oldlabels[ i ] ) oldlabels[ i ] = (char *) astFree( (void *) oldlabels[ i ] );
data/starlink-ast-9.2.3+dfsg/src/plot.c:27663:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
labels[ i ] = (char *) astFree( (void *) labels[ i ] );
data/starlink-ast-9.2.3+dfsg/src/plot.c:29535:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fwdexp[ 25 + 2*AST__DBL_WIDTH ]; /* Forward log mapping expression */
data/starlink-ast-9.2.3+dfsg/src/plot.c:29536:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char invexp[ 28 + 2*AST__DBL_WIDTH ]; /* Inverse log mapping expression */
data/starlink-ast-9.2.3+dfsg/src/plot.c:29537:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fwd[1]; /* Pointer to pass to MathMap constructor */
data/starlink-ast-9.2.3+dfsg/src/plot.c:29538:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *inv[1]; /* Pointer to pass to MathMap constructor */
data/starlink-ast-9.2.3+dfsg/src/plot.c:29597:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( invexp, "g=%.*g*log10(b)+%.*g", AST__DBL_DIG, a, AST__DBL_DIG, b );
data/starlink-ast-9.2.3+dfsg/src/plot.c:29598:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( fwdexp, "b=pow(10,(g-%.*g)/%.*g)", AST__DBL_DIG, b, AST__DBL_DIG, a );
data/starlink-ast-9.2.3+dfsg/src/plot.c:29602:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( invexp, "g=%.*g*log10(-b)+%.*g", AST__DBL_DIG, a, AST__DBL_DIG, b );
data/starlink-ast-9.2.3+dfsg/src/plot.c:29603:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( fwdexp, "b=-pow(10,(g-%.*g)/%.*g)", AST__DBL_DIG, b, AST__DBL_DIG, a );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30034:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/plot.c:30134:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "DrwAxs%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30143:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Abbrv%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30159:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LblAt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30170:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Cen%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30183:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Gap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30197:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LgGap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30209:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "NmGap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30220:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "TxGap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30230:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LblUp%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30239:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LgPlt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30248:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LgTck%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30257:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LgLbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30266:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "NmLbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30275:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "MnTks%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30285:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "TxLbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30294:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "LbUnt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30303:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Style%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30314:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Font%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30325:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Col%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30337:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Width%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30350:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Size%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30370:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "MjTkLn%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30381:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "MnTkLn%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30405:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Edge%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30418:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ClpLb%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30427:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ClpUb%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30472:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "NMjTk%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30476:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "MjTk%d_%d", axis + 1, itick + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30483:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "NMnTk%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:30487:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "MnTk%d_%d", axis + 1, itick + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31273:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/plot.c:31381:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lblup%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31390:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lgplt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31399:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lgtck%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31408:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lglbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31425:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "drwaxs%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31443:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "abbrv%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31459:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lblat%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31468:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "cen%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31477:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "gap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31485:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lggap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31493:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "nmgap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31502:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "txgap%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31511:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "nmlbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31520:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "mntks%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31529:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "txlbl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31538:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "lbunt%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31547:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "style%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31555:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "font%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31563:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "col%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31571:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "width%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31579:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "size%d", id + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31602:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "mjtkln%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31622:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "mntkln%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31658:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "edge%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31703:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "clplb%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31706:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "clpub%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31759:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "nmjtk%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31765:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "mjtk%d_%d", axis + 1, itick + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31770:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "nmntk%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:31776:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "mntk%d_%d", axis + 1, itick + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.h:676:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 200 ];
data/starlink-ast-9.2.3+dfsg/src/plot.h:677:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SplitValue_Buff[ 200 ];
data/starlink-ast-9.2.3+dfsg/src/plot.h:678:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char StripEscapes_Buff[ AST__PLOT_STRIPESCAPES_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:1246:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:2326:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attname[50]; /* Plot attribute base name */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:2327:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patt[50]; /* Plot attribute full name */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:2328:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[10]; /* Plane specification */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:3209:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attname[50]; /* Plot attribute base name */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:3210:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patt[50]; /* Plot attribute full name */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:3211:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[10]; /* Plane specification */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:3246:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:5598:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pat[30]; /* Regular expression pattern */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:5599:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[10]; /* Plane specification */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:6514:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attname[50]; /* Plot attribute base name */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:6515:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patt[50]; /* Plot attribute full name */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:6516:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spec[10]; /* Plane specification */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:6659:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ljust[3]; /* Upper case copy of "just" */
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:7416:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:7451:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Norm%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:8075:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:8143:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "norm%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot3d.h:130:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/pointlist.c:164:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/pointlist.c:359:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/pointlist.c:1658:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( lbnd, this->lbnd, nb );
data/starlink-ast-9.2.3+dfsg/src/pointlist.c:1659:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ubnd, this->ubnd, nb );
data/starlink-ast-9.2.3+dfsg/src/pointlist.h:131:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/pointset.c:531:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/pointset.c:663:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ptr[ ic ], ptr1[ ic ], nb1 );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:664:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ptr[ ic ] + n1, ptr2[ ic ], nb2 );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:1220:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ncoord );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:2559:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( (void *) out->ptr[ i ],
data/starlink-ast-9.2.3+dfsg/src/pointset.c:2657:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/pointset.c:2706:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Acc%d", coord + 1 );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:2730:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "X%d", i );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:3119:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/pointset.c:3191:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "acc%d", coord + 1 );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:3226:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "x%d", i );
data/starlink-ast-9.2.3+dfsg/src/pointset.h:556:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/polygon.c:250:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1237:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( xvert, xv1, nv1*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1238:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( yvert, yv1, nv1*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1242:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( xvert, xv2, nv2*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1243:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( yvert, yv2, nv2*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1247:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( xvert, xv3, nv3*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1248:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( yvert, yv3, nv3*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1252:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( xvert, xv4, nv4*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:1253:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( yvert, yv4, nv4*sizeof( double ) ); \
data/starlink-ast-9.2.3+dfsg/src/polygon.c:2693:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/polygon.h:154:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/polymap.c:224:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/polymap.c:1419:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:1428:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:1437:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5421:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5422:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[ 100 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5452:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "MPF%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5453:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Max. power of input %d in any forward polynomial", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5460:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "NCF%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5461:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "No. of coeff.s for forward polynomial %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5470:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "CF%d", iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5471:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Coeff %d of forward polynomial %d", j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5484:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "PF%d", iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5485:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Power of i/p %d for coeff %d of fwd poly %d", k + 1, j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5499:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "MPI%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5500:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Max. power of output %d in any inverse polynomial", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5507:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "NCI%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5508:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "No. of coeff.s for inverse polynomial %d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5517:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "CI%d", iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5518:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Coeff %d of inverse polynomial %d", j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5531:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "PI%d", iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:5532:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comm, "Power of o/p %d for coeff %d of inv poly %d", k + 1, j + 1, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6063:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6130:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "mpf%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6138:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ncf%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6154:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "cf%d", ++iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6157:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "cf%d_%d", i + 1, j + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6175:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "pf%d", ++iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6178:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "pf%d_%d_%d", i + 1, j + 1, k + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6211:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "mpi%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6219:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "nci%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6232:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ci%d", ++iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6235:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ci%d_%d", i + 1, j + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6253:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "pi%d", ++iv );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:6256:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "pi%d_%d_%d", i + 1, j + 1, k + 1 );
data/starlink-ast-9.2.3+dfsg/src/polymap.h:228:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/prism.c:2894:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/prism.c:2895:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[ 255 ];
data/starlink-ast-9.2.3+dfsg/src/prism.c:3026:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/prism.c:3027:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[ 255 ];
data/starlink-ast-9.2.3+dfsg/src/region.c:378:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100]; /* Buffer for attribute name */ \
data/starlink-ast-9.2.3+dfsg/src/region.c:679:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100]; /* Buffer for attribute name */ \
data/starlink-ast-9.2.3+dfsg/src/region.c:897:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/region.c:3190:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3199:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3208:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3217:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/region.c:3226:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3235:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3263:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3272:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3281:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3290:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3299:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3308:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3317:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:3326:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/region.c:8433:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/region.c:9305:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( q, p, sizeof( double )*( *npoint ) );
data/starlink-ast-9.2.3+dfsg/src/region.c:9510:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( q, p, sizeof( double )*( *npoint ) );
data/starlink-ast-9.2.3+dfsg/src/region.c:9868:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/region.c:10853:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 40 ]; /* Buffer for floating poitn value */
data/starlink-ast-9.2.3+dfsg/src/region.c:10900:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%g", ptr[ i ][ j ] );
data/starlink-ast-9.2.3+dfsg/src/region.h:219:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:1123:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:1153:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "Reg%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:1726:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:1781:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "reg%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/shiftmap.c:1212:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/shiftmap.c:1213:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/shiftmap.c:1232:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Sft%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/shiftmap.c:1233:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Shift for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/shiftmap.c:1645:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/shiftmap.c:1699:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "sft%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:219:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dhmsformat_buff[ AST__SKYAXIS_DHMSFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:220:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dhmsunit_buff[ AST__SKYAXIS_DHMSUNIT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:221:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__SKYAXIS_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:222:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getaxisformat_buff[ AST__SKYAXIS_GETAXISFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:353:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fld1[ 3 ]; /* Pointers to start of each field in str1 */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:354:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fld2[ 3 ]; /* Pointers to start of each field in str2 */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:541:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[50]; /* Buffer for terminator string */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1685:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[50]; /* Buffer for terminator string */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1881:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf( dhmsformat_buff + pos, "%0*.0f",
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1905:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf( dhmsformat_buff + pos, "%0*.0f", ( dh || lead_zero ) ? 2 : 1,
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1929:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf( dhmsformat_buff + pos, "%0*.0f",
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:1938:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf( dhmsformat_buff + pos, "%0*.0f", ndp, ifract );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2024:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Buffer for formatted scaled "nice" value */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2212:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void ) sprintf( buff, "%g", scale *
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2590:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", as_time );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2599:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", is_latitude );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2608:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", centrezero );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2959:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getaxisformat_buff, "hms.%d", digits - 6 );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:2976:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getaxisformat_buff, "dms.%d", digits - 7 );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:4000:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmtbuf[ FMT_LEN + 1 ]; /* Buffer for C format specification */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:4005:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[ 2 ]; /* Sign character as string */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:4006:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *field_start[ 3 ]; /* Pointer to start of each field */
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:4197:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( fmtbuf, "%%%dlf %%n", n );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:4418:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( fmtbuf, "%%%dlf", n );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.h:279:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DHmsFormat_Buff[ AST__SKYAXIS_DHMSFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.h:280:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DHmsUnit_Buff[ AST__SKYAXIS_DHMSUNIT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.h:281:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__SKYAXIS_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyaxis.h:282:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAxisFormat_Buff[ AST__SKYAXIS_GETAXISFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:928:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:931:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getformat_buff[ GETFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:934:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getlabel_buff[ GETLABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:937:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getsymbol_buff[ GETSYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:940:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff[ AST__SKYFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:941:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff2[ AST__SKYFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2657:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", as_time );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2681:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2692:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2701:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2710:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2719:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", neglon );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2728:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2757:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2781:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2804:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3527:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getformat_buff, "h.%d", digits - 2 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:3536:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getformat_buff, "d.%d", digits - 3 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11687:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 100 ]; /* Comment buffer */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11688:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ 10 ]; /* Buffer for keywords */
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11807:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "SRef%d", axis_p + 1 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11820:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "SRefP%d", axis_p + 1 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:282:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__SKYFRAME_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:283:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetFormat_Buff[ AST__SKYFRAME_GETFORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:284:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetLabel_Buff[ AST__SKYFRAME_GETLABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:285:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetSymbol_Buff[ AST__SKYFRAME_GETSYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:286:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff[ AST__SKYFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/skyframe.h:287:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff2[ AST__SKYFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/slamap.c:266:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, const char *[ MAX_SLA_ARGS ], int * );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:266:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, const char *[ MAX_SLA_ARGS ], int * );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:266:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, const char *[ MAX_SLA_ARGS ], int * );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:465:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_SLA_ARGS ];
data/starlink-ast-9.2.3+dfsg/src/slamap.c:747:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_SLA_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/slamap.c:946:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int cvt_code, const char **comment,
data/starlink-ast-9.2.3+dfsg/src/slamap.c:946:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int cvt_code, const char **comment,
data/starlink-ast-9.2.3+dfsg/src/slamap.c:947:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int *nargs, const char *arg[ MAX_SLA_ARGS ], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/slamap.c:2207:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( out[ 0 ], in[ 0 ], nbyte );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:2208:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( out[ 1 ], in[ 1 ], nbyte );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:2210:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( out2, in[ 2 ], nbyte );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:2671:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_SLA_ARGS ]; /* Argument descriptions (junk) */
data/starlink-ast-9.2.3+dfsg/src/slamap.c:3621:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( alpha, ptr_in[ 0 ], sizeof( double ) * (size_t) npoint );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:3622:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( delta, ptr_in[ 1 ], sizeof( double ) * (size_t) npoint );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4378:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4379:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_SLA_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4438:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Sla%d", icvt + 1 );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4448:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Sla%d%c", icvt + 1, ALPHABET[ iarg ] );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4858:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4859:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_SLA_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4942:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "sla%d", icvt + 1 );
data/starlink-ast-9.2.3+dfsg/src/slamap.c:4985:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "sla%d%c", icvt + 1, ALPHABET[ iarg ] );
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c:152:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c:810:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fwd[1];
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c:811:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *inv[2];
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c:952:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fwd[1];
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.c:953:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *inv[2];
data/starlink-ast-9.2.3+dfsg/src/specfluxframe.h:121:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff[ 201 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.c:305:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.c:308:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getlabel_buff[ 201 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.c:311:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getsymbol_buff[ 21 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.c:314:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff[ 201 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.c:498:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:499:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib + len, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1295:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1296:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib + len, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1323:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1362:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval*1.0E-9 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1378:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1388:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:2117:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf( gettitle_buff+pos, ", rest frequency = %g GHz", rf*1.0E-9 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:3673:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_setting, setting, len + 1 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:3676:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5378:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5379:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib + len, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6504:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 20 ]; /* Buffer for item name */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6505:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[ 50 ]; /* Buffer for comment */
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6995:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 20 ]; /* Buffer for item name */
data/starlink-ast-9.2.3+dfsg/src/specframe.h:210:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.h:211:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetLabel_Buff[ 201 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.h:212:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetSymbol_Buff[ 21 ];
data/starlink-ast-9.2.3+dfsg/src/specframe.h:213:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff[ 201 ];
data/starlink-ast-9.2.3+dfsg/src/specmap.c:263:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, int *, int *, int *, const char *[ MAX_ARGS ], int * );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:263:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, int *, int *, int *, const char *[ MAX_ARGS ], int * );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:263:85: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, int *, int *, int *, const char *[ MAX_ARGS ], int * );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:331:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ];
data/starlink-ast-9.2.3+dfsg/src/specmap.c:641:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/specmap.c:943:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int cvt_code, const char **comment,
data/starlink-ast-9.2.3+dfsg/src/specmap.c:943:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int cvt_code, const char **comment,
data/starlink-ast-9.2.3+dfsg/src/specmap.c:945:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *arg[ MAX_ARGS ], int *status ) {
data/starlink-ast-9.2.3+dfsg/src/specmap.c:2219:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Argument descriptions (junk) */
data/starlink-ast-9.2.3+dfsg/src/specmap.c:3710:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( spec, ptr_in[ 0 ], sizeof( double ) * (size_t) npoint );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:3712:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( alpha, ptr_in[ 1 ], sizeof( double ) * (size_t) npoint );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:3713:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( beta, ptr_in[ 2 ], sizeof( double ) * (size_t) npoint );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:3999:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4000:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4063:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Spec%d", icvt + 1 );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4074:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Spec%d%c", icvt + 1, ALPHABET[ iarg ] );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4528:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4529:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4612:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "spec%d", icvt + 1 );
data/starlink-ast-9.2.3+dfsg/src/specmap.c:4655:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "spec%d%c", icvt + 1, ALPHABET[ iarg ] );
data/starlink-ast-9.2.3+dfsg/src/sphmap.c:167:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/sphmap.c:443:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/sphmap.c:452:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/sphmap.h:256:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/stc.c:160:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *regkey[ NREG ] = { AST__STCERROR,
data/starlink-ast-9.2.3+dfsg/src/stc.c:168:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *regcom[ NREG ] = { "AstroCoords error region",
data/starlink-ast-9.2.3+dfsg/src/stc.c:3236:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/stc.c:3237:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/stc.c:3273:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Coord%d", ico );
data/starlink-ast-9.2.3+dfsg/src/stc.c:3274:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "AstroCoords number %d", ico );
data/starlink-ast-9.2.3+dfsg/src/stc.c:3546:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/stc.c:3627:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "coord%d", ico );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:264:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *words[ NEWORD ];
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:267:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open;
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:311:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:808:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( (*buf) + 50, "..." );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:946:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:955:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:965:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:974:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1116:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( fmt, "%%.%dg", before + after );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1118:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( fmt, "%%.%df", after );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1228:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if( con->open && ! con->done ) {
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1313:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) result)[ len - 1 ] = 0;
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1320:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) result)[ len - 1 ] = 0;
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1401:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 100 ]; /* Buffer for formatted values */
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1402:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[ 10 ]; /* Buffer for format specifier */
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1731:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "REGION%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1926:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ 20 ]; /* Key for argument region */
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:2074:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "REGION%d", ireg + 1 );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:2302:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:2381:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "REGION%d", ireg + 1 );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:4793:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ 20 ]; /* Key for argument region */
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:5169:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "REGION%d", ++nreg );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:6416:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 100 ]; /* Buffer for formatted values */
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:6417:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[ 10 ]; /* Buffer for format specifier */
data/starlink-ast-9.2.3+dfsg/src/stcschan.h:141:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__STCSCHAN_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:2007:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:2065:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "RMap%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:2071:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "RInv%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:2765:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:2831:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "rmap%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:2838:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "rinv%d", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/table.c:268:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/table.c:1160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cname[ AST__MXCOLNAMLEN + 1 ]; /* Column name */
data/starlink-ast-9.2.3+dfsg/src/table.c:1195:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1204:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1213:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1233:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1243:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1253:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1263:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/table.c:1342:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ AST__MXCOLKEYLEN ]; /* Current cell key string */
data/starlink-ast-9.2.3+dfsg/src/table.c:1365:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "%.*s(%d)", (int) astChrLen(column), column, irow );
data/starlink-ast-9.2.3+dfsg/src/table.c:2408:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */ \
data/starlink-ast-9.2.3+dfsg/src/table.c:2552:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */ \
data/starlink-ast-9.2.3+dfsg/src/table.c:2642:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */
data/starlink-ast-9.2.3+dfsg/src/table.c:2772:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */ \
data/starlink-ast-9.2.3+dfsg/src/table.c:2861:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */
data/starlink-ast-9.2.3+dfsg/src/table.c:2975:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */ \
data/starlink-ast-9.2.3+dfsg/src/table.c:3107:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */ \
data/starlink-ast-9.2.3+dfsg/src/table.c:3162:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
MAKE_MAPPUT1(C,c,const char *const,AST__STRINGTYPE,astStore(NULL,value[i],strlen(value[i])+1))
data/starlink-ast-9.2.3+dfsg/src/table.c:3243:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */ \
data/starlink-ast-9.2.3+dfsg/src/table.c:3365:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ]; /* Column name read from string */
data/starlink-ast-9.2.3+dfsg/src/table.c:3534:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int ParseKey( AstTable *this, const char *key, int report,
data/starlink-ast-9.2.3+dfsg/src/table.c:3535:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colname[ AST__MXCOLNAMLEN + 1 ], int *irow,
data/starlink-ast-9.2.3+dfsg/src/table.c:3700:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newkey[ AST__MXCOLKEYLEN + 1 ]; /* New cell key string */
data/starlink-ast-9.2.3+dfsg/src/table.c:3701:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldkey[ AST__MXCOLKEYLEN + 1 ]; /* Old cell key string */
data/starlink-ast-9.2.3+dfsg/src/table.c:3829:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ AST__MXCOLKEYLEN + 1 ]; /* Cell key string */
data/starlink-ast-9.2.3+dfsg/src/table.c:3856:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( key, "%.*s(%d)", namlen, name, irow );
data/starlink-ast-9.2.3+dfsg/src/table.c:3975:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ AST__MXCOLKEYLEN + 1 ]; /* Cell key string */
data/starlink-ast-9.2.3+dfsg/src/table.h:152:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:348:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ AST__TIMEFRAME_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:349:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char format_buff[ AST__TIMEFRAME_FORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:350:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getlabel_buff[ AST__TIMEFRAME_GETLABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:351:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getsymbol_buff[ AST__TIMEFRAME_GETSYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:352:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettitle_buff[ AST__TIMEFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:759:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v1 = atoi( f1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:760:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v2 = atoi( f2 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:959:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:960:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib + len, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1646:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1647:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[ 2 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1711:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
d += sprintf( d, "%4d-%2.2d-%2.2d", iy, im, id );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1720:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( tbuf, "%c%2.2d:%2.2d:%2.2d.%*.*d", sep,
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:1724:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( tbuf, "%c%2.2d:%2.2d:%2.2d", sep, ihmsf[0],
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2219:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2220:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib + len, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2257:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2266:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3198:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( gettitle_buff + pos, " (UTC+%g)", ltoff );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3200:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
nc = sprintf( gettitle_buff + pos, " (UTC-%g)", -ltoff );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:4679:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_setting, setting, len + 1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:4682:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5794:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib, attrib, len );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5795:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new_attrib + len, "(1)", 4 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.h:170:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Format_Buff[ AST__TIMEFRAME_FORMAT_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.h:171:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__TIMEFRAME_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.h:172:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetLabel_Buff[ AST__TIMEFRAME_GETLABEL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.h:173:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetSymbol_Buff[ AST__TIMEFRAME_GETSYMBOL_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timeframe.h:174:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTitle_Buff[ AST__TIMEFRAME_GETTITLE_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/timemap.c:245:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, int *, const char *[ MAX_ARGS ], int **order, int * );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:245:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, int *, const char *[ MAX_ARGS ], int **order, int * );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:245:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int, const char **, int *, int *, const char *[ MAX_ARGS ], int **order, int * );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:305:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ];
data/starlink-ast-9.2.3+dfsg/src/timemap.c:698:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/timemap.c:904:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int cvt_code, const char **comment,
data/starlink-ast-9.2.3+dfsg/src/timemap.c:904:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *CvtString( int cvt_code, const char **comment,
data/starlink-ast-9.2.3+dfsg/src/timemap.c:906:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *arg[ MAX_ARGS ],
data/starlink-ast-9.2.3+dfsg/src/timemap.c:2065:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Argument descriptions (junk) */
data/starlink-ast-9.2.3+dfsg/src/timemap.c:3895:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( time, ptr_in[ 0 ], sizeof( double ) * (size_t) npoint );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:4659:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/timemap.c:4660:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/timemap.c:4723:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Time%d", icvt + 1 );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:4739:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "Time%d%c", icvt + 1, ALPHABET[ iarg ] );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:5154:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/timemap.c:5155:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argdesc[ MAX_ARGS ]; /* Pointers to argument descriptions */
data/starlink-ast-9.2.3+dfsg/src/timemap.c:5238:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "time%d", icvt + 1 );
data/starlink-ast-9.2.3+dfsg/src/timemap.c:5286:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( key, "time%d%c", icvt + 1, ALPHABET[ iarg ] );
data/starlink-ast-9.2.3+dfsg/src/unit.c:432:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( w, "m*1.0E-6)" );
data/starlink-ast-9.2.3+dfsg/src/unit.c:473:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( p, tok[ i ], len );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2818:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200];
data/starlink-ast-9.2.3+dfsg/src/unit.c:2867:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
lbuff = sprintf( buff, "%.*g", AST__DBL_DIG, newtree->con );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2880:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + 1, newtree->name, tlen );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2881:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + tlen + 1, " ", 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2896:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( mtxt ) memcpy( result, mtxt, mlen );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2897:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + mlen, newtree->name, tlen + 1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2911:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( result ) memcpy( result, "log10(", 7 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2915:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( result ) memcpy( result, "log(", 5 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2919:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg0, larg0 + 1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2920:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a + larg0, ")", 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2929:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( result ) memcpy( result, "log(", 5 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2933:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( result ) memcpy( result, "ln(", 4 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2937:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg0, larg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2938:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a + larg0, ")", 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2947:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result, "exp(", 5 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2948:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + 4, arg0, larg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2949:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + 4 + larg0, ")", 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2958:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result, "sqrt(", 6 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2959:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + 5, arg0, larg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2960:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result + 5 + larg0, ")", 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2983:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if( result ) memcpy( result, "(", 2 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2992:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg0, larg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2995:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, "**", 3 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2997:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg1, larg1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3031:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( result, arg0, larg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3035:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg1, larg1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3086:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg0, larg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3090:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, arg1, larg1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3343:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fwdfun, "output_units=", 14 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3344:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( invfun, "input_units=", 13 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3419:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/unit.c:3652:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/unit.c:5084:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
double astUnitAnalyser_( const char *in, double powers[9], int *status ){
data/starlink-ast-9.2.3+dfsg/src/unit.h:66:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
double astUnitAnalyser_( const char *, double[9], int * );
data/starlink-ast-9.2.3+dfsg/src/unitmap.c:900:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( (void *) ptr_out[ coord ],
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c:1144:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c:1145:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c:1163:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Ctr%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c:1164:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Centre for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c:1592:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/unitnormmap.c:1657:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "ctr%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:653:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[60]; /* Long projection description */
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:654:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctype[5]; /* FITS CTYPE identifying string */
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:737:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1824:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1834:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1843:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1853:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1862:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1871:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, dval );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1882:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:4285:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( ptr_out[ i ], ptr_in[ i ], sizeof( double )*
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:4295:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy( ptr_out[ i ], ptr_in[ i ], sizeof( double )*
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:4348:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[81];
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5284:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5285:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment_buff[ COMMENT_LEN + 1 ]; /* Buffer for keyword comment */
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5356:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "PV%d_%d", i + 1, m );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5357:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment_buff, "Projection parameter %d for axis %d", m, i + 1 );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5368:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "WcsAx%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:5955:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:6035:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[ 10 ];
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:6036:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( tmp, "-%.8s", text );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:6047:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "wcsax%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:6065:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "projp%d", m );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:6083:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "pv%d_%d", i + 1, m );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.h:424:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4482:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4483:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[ COMMENT_LEN + 1 ]; /* Buffer for comment string */
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4502:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Sft%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4503:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Shift for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4506:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "Scl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4507:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( comment, "Scale factor for axis %d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/winmap.c:4985:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ KEY_LEN + 1 ]; /* Buffer for keyword string */
data/starlink-ast-9.2.3+dfsg/src/winmap.c:5040:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "sft%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/winmap.c:5042:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "scl%d", axis + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:196:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gettag_buff[ AST__XML_GETTAG_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/xml.c:470:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( d, "<" );
data/starlink-ast-9.2.3+dfsg/src/xml.c:474:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( d, ">" );
data/starlink-ast-9.2.3+dfsg/src/xml.c:478:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( d, """ );
data/starlink-ast-9.2.3+dfsg/src/xml.c:482:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( d, "'" );
data/starlink-ast-9.2.3+dfsg/src/xml.c:486:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( d, "&" );
data/starlink-ast-9.2.3+dfsg/src/xml.c:2149:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( gettag_buff + AST__XML_GETTAG_BUFF_LEN - 3, "..." );
data/starlink-ast-9.2.3+dfsg/src/xml.c:3862:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buffer[ 50 ]; /* Buffer for name */
data/starlink-ast-9.2.3+dfsg/src/xml.c:3863:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix_buffer[ 50 ]; /* Buffer for prefix */
data/starlink-ast-9.2.3+dfsg/src/xml.h:258:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetTag_Buff[ AST__XML_GETTAG_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:293:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xformat[3] = { NATIVE_STRING, QUOTED_STRING, IVOA_STRING };
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:327:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:620:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ AST__DBL_WIDTH + 30 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:623:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[4];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:653:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *key[ 5 ] = { AST__STCERROR,
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1012:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "epoch= MJD %.*g", AST__DBL_DIG, time_val );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1199:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "epoch= MJD %.*g", AST__DBL_DIG, time_val );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1326:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[4]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1327:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[100]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1345:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *key[ 5 ] = { AST__STCERROR,
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1793:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[4]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1938:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1940:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[3]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2260:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Msg buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2337:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Msg buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2416:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Msg buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2422:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *true[ 5 ] = { "true", "TRUE", "yes", "YES", "1" };
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2423:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *false[ 5 ] = { "false", "FALSE", "no", "NO", "0" };
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2520:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2699:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2913:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3014:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3140:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3292:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3419:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3537:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3587:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "contains more than %d values - "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3590:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "contains more than 1 value - "
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3744:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[4]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3906:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[4]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:4166:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:4746:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5130:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5518:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[100]; /* Text buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5519:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[3]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5602:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "%.*g %.*g", AST__DBL_DIG, pos[0], AST__DBL_DIG, pos[1] );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5611:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buff, "%.*g %.*g", AST__DBL_DIG, pos[0], AST__DBL_DIG, pos[1] );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5669:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5747:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5848:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setting[ 100 ]; /* Attribute setting string */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5963:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( setting, "ObsLon(%d)=%.*g", i + 1, AST__DBL_DIG, lambda*AST__DR2D );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5965:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( setting, "ObsLat(%d)=%.*g", i + 1, AST__DBL_DIG, phi*AST__DR2D );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5968:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( setting, "ObsLon(%d)=%.*g", i + 1, AST__DBL_DIG, lambda*AST__DR2D );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5970:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( setting, "ObsLat(%d)=%.*g", i + 1, AST__DBL_DIG, phi*AST__DR2D );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:6170:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:6414:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:6537:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[6]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:6906:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7739:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orgatt[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7740:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orgset[ 80 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7741:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setting[ 80 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7742:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysatt[ 20 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7743:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysset[ 80 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7757:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *key[ 5 ] = { AST__STCERROR,
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7811:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( orgatt, "TimeOrigin(%d)", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7820:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sysatt, "System(%d)", i + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7835:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( setting, "Epoch=MJD %.*g", AST__DBL_DIG, epoch );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7958:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[3]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8122:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8275:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[6]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8968:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9355:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[4]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9563:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200]; /* Buffer for failure message */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9686:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[6]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9975:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10096:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10249:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10251:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10415:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 200 ]; /* Message buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10803:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10957:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[3]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11054:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11181:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[6]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11482:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 80 ];
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11584:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[1]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11917:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *names[2]; /* Names of the subelements to be searched for */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:12174:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Local formatting buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:12203:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%.*g", AST__DBL_DIG, value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:12463:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ BUFF_LEN + 1 ]; /* Local formatting buffer */
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:12490:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%d", value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.h:152:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 51 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:293:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *xencod[1] = { ASDF_STRING };
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:329:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:454:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void Deuler( const char *, double *, double[3][3], int * );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:812:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:819:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%d", ival );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:1860:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void Deuler( const char *order, double *angles, double rmat[3][3],
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:2569:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
n1 = sprintf( buf, "%.*g", ndig - 2, dval );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:2574:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
n2 = sprintf( buf, "%.*g", ndig, dval );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:2576:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.*g", ndig - 2, dval );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:2584:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buf + n1, ".0" );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:4035:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[ 200 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5308:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buffer, text, *size_read );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5473:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rowkey[30];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5620:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( rowkey, "data_%d", irow );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5981:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *axis_physical_types[ MXDIM ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5984:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *unit[ MXDIM ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:6719:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *axes_names[ MXDIM ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:6720:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *axis_physical_types[ MXDIM ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:6723:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *unit[ MXDIM ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:7382:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rowname[20];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:7438:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( rowname, "coefficients_%d", irow++ );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11289:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11348:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11363:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%d", value );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11504:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11579:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[ 100 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11604:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( buff, "%d", *pv );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11944:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *values[ 2 ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:12406:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *values[ MXDIM ];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:12581:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rowkey[30];
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:12609:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( rowkey, "data_%d", irow );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.h:138:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ AST__YAMLCHAN_GETATTRIB_BUFF_LEN + 1 ];
data/starlink-ast-9.2.3+dfsg/src/zoommap.c:154:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char getattrib_buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/src/zoommap.c:413:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf( getattrib_buff, "%.*g", AST__DBL_DIG, zoom );
data/starlink-ast-9.2.3+dfsg/src/zoommap.h:214:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GetAttrib_Buff[ 101 ];
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:354:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char pcode[4];
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:479:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "AZP");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:661:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "SZP");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:847:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "TAN");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:939:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "STG");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1039:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "SIN");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1229:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "ARC");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1327:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "ZPN");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1571:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "ZEA");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1685:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "AIR");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1857:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "CYP");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:1992:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "CEA");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2093:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "CAR");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2173:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "MER");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2257:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "SFL");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2346:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "PAR");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2452:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "MOL");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2598:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "AIT");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2716:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "COP");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2847:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "COE");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:2983:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "COD");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:3099:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "COO");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:3234:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "BON");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:3347:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "PCO");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:3506:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "TSC");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:3726:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "CSC");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:4049:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "QSC");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:4460:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "HPX");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.c:4641:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prj->code, "XPH");
data/starlink-ast-9.2.3+dfsg/wcslib/proj.h:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char pcodes[26][4];
data/starlink-ast-9.2.3+dfsg/wcslib/proj.h:65:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[4];
data/starlink-ast-9.2.3+dfsg/src/axis.c:336:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( str1 && !strcmp( str1, str2 ) ) result += strlen( str2 );
data/starlink-ast-9.2.3+dfsg/src/axis.c:519:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( str );
data/starlink-ast-9.2.3+dfsg/src/axis.c:557:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen( log_del );
data/starlink-ast-9.2.3+dfsg/src/axis.c:1579:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( result );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2215:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rlen = strlen( result );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2301:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2667:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/axis.c:2686:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/axis.c:2705:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/axis.c:2723:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/axis.c:2782:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->label ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2784:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->format ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2786:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->symbol ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/axis.c:2788:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->unit ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/channel.c:489:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = astStore( NULL, msg, strlen( msg ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1172:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( line );
data/starlink-ast-9.2.3+dfsg/src/channel.c:1505:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( errno = 0, c = getc( fd ), readstat = errno,
data/starlink-ast-9.2.3+dfsg/src/channel.c:3041:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value->ptr.string ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/channel.c:3046:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value->ptr.string ) ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/channel.c:3167:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value->ptr.string ) ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/channel.c:3408:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = astStore( NULL, def, strlen( def ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/channel.c:3536:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/channel.c:3712:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line ) result = astString( line, (int) strlen( line ) );
data/starlink-ast-9.2.3+dfsg/src/channel.c:5078:142: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astMAKE_SET(Channel,SourceFile,const char *,fn_in,((this->fd_in=(this->fd_in?(fclose(this->fd_in),NULL):NULL)),astStore( this->fn_in, value, strlen( value ) + (size_t) 1 )))
data/starlink-ast-9.2.3+dfsg/src/channel.c:5154:145: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astMAKE_SET(Channel,SinkFile,const char *,fn_out,((this->fd_out=(this->fd_out?(fclose(this->fd_out),NULL):NULL)),astStore( this->fn_out, value, strlen( value ) + (size_t) 1 )))
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:1557:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3249:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3610:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dom1 = t ? astStore( NULL, t, strlen(t) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3612:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dom2 = t ? astStore( NULL, t, strlen(t) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3615:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( dom1 ) > 0 || strlen( dom2 ) > 0 ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:3615:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( dom1 ) > 0 || strlen( dom2 ) > 0 ) {
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:5256:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( ptr ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:8253:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/cmpframe.c:9559:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/dsbspecframe.c:1312:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/error.c:591:13: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
nc += sprintf( buff + nc, "." );
data/starlink-ast-9.2.3+dfsg/src/error.c:599:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message_stack[ imess ] = MALLOC( strlen( buff ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/error.c:621:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message_stack[ imess ] = MALLOC( strlen( buff ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/error.c:718:13: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
nc += sprintf( buff + nc, "." );
data/starlink-ast-9.2.3+dfsg/src/error.c:726:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message_stack[ imess ] = MALLOC( strlen( buff ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/error.c:748:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message_stack[ imess ] = MALLOC( strlen( buff ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/f77.h:575:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
F77_CREATE_CHARACTER(F,strlen(C)); \
data/starlink-ast-9.2.3+dfsg/src/ferror.c:108:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fmessage_length = strlen( message );
data/starlink-ast-9.2.3+dfsg/src/ffitschan.c:155:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lim = (int) strlen( line );
data/starlink-ast-9.2.3+dfsg/src/ffitschan.c:327:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lim = (int) strlen( extname );
data/starlink-ast-9.2.3+dfsg/src/ffitschan.c:516:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( card );
data/starlink-ast-9.2.3+dfsg/src/ffitschan.c:891:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( value ); \
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3385:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( cval && ( strlen(cval) < 5 || strcmp( cval + 4, "-TAB" ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:3889:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( cval && ( strlen(cval) < 5 || strcmp( cval + 4, "-TAB" ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:4760:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = astStore( NULL, (void *) cval, strlen( cval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:4772:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = astStore( NULL, (void *) cval, strlen( cval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5337:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen( name );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:5719:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen( string );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6181:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( cval && ( strlen(cval) < 5 || strcmp( cval + 4, "-TAB" ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6474:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(cval) > 4 && !strncmp( " ", cval + 4, 4 ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6475:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( newtype, cval, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6484:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(cval) > 4 && !strncmp( " ", cval + 4, 4 ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6485:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( newtype, cval, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:6997:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( ostring );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7009:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( cnvtype_text, (char *) odata, AST__FITSCHAN_FITSCARDLEN );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7099:16: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( cnvtype_text, "Y" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7101:16: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( cnvtype_text, "N" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7285:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7627:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( createkeyword_seq_nchars < 0 ) createkeyword_seq_nchars = (int) strlen( seq_chars );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:7751:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( dateobs );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:8807:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( pltdecsn, text, 10 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9171:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen( buf );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:9231:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen( c ); i >= n; i-- ) c[ i + 1 ] = c[ i ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:11506:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( id ) == 1 && isupper( id[ 0 ] ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:13426:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( c = value ; c < value + strlen( value ) + 1; c++ ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:14023:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lname = (char *) astStore( NULL, (void *) name, strlen(name) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:14026:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = lname + strlen(lname) - 1;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:14673:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cl =strlen( string ); \
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:14827:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy( fitsgetcom_sval, CardComm( this, status ), AST__FITSCHAN_FITSCARDLEN );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:15207:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( CardComm( this, status ) ) + 1 ); \
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:15353:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( CardComm( this, status ) ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:15892:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( strcpy( buf, CardName( this, status ) ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:16019:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llist = (char *) astStore( NULL, (void *) list, strlen(list) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17072:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newdata = (char *) astStore( NULL, data, strlen( (char *) data ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17082:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( keyword );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17217:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( (const char *) data );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17238:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nn = strlen( upq );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17272:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*val = astString( buff, (int) strlen( buff ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17280:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*val = astString( buff, (int) strlen( buff ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:17933:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int_dig = strlen( buf );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:18276:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(cval) > 4 && !strcmp( cval + 4, "-TAB" ) ) return ret;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19582:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctype_len = strlen( ctype );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19587:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( stype, ctype, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19597:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( algcode, ctype + 4, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:19632:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( algcode[ 0 ] != '-' && strlen( algcode ) > 0 ) isspectral_ret = NULL;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20048:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ltok = (int) strlen( token );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20053:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) ( strlen( prefix ) +
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20054:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( middle ) +
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20055:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( suffix ) ) - 1 - ltok ) / 2;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20185:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key = astMalloc( strlen( col ) + 5 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:20245:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key = astMalloc( strlen( col ) + 5 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:22587:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( data );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:22608:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( BAD_STRING );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:22634:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( a );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23560:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( sym && strlen( sym ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:23878:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24420:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clen = strlen( cards );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:24533:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( value );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25071:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( id && strlen( id ) == 1 && id[ 0 ] == s ) break;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25509:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:25738:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = text + strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26167:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( buf );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26233:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:26783:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( val ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28719:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( latsym ) == 4 && strlen( lonsym ) == 4 ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28719:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( latsym ) == 4 && strlen( lonsym ) == 4 ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28736:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( lontype, lonsym, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28737:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen( lonsym ); i < 4; i++ ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28740:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( lattype, latsym, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28741:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen( latsym ); i < 4; i++ ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:28907:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line ) result = astString( line, (int) strlen( line ) );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29262:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( ctype + 7, "F" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29266:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( ctype + 7, "W" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29268:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( ctype + 7, "A" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29270:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( ctype + 7, "V" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29922:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29928:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( prj, cval + 4, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29929:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( lontype, cval, 10 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29936:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( prj, cval + 4, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29937:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( lattype, cval, 10 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29979:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy( sprj, strlen( cval ) > 8 ? "----" : " " );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:29983:22: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( spectype + 4, sprj, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31093:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( *name, card, ( nc > FITSNAMLEN ) ? FITSNAMLEN : nc );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31097:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strspn( *name, " " ) == strlen( *name ) ){
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31104:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dd = *name + strlen( *name ) - 1;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31135:23: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy( *comment, card + FITSNAMLEN,
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31234:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( v, card + FITSNAMLEN + 1, ncv );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31251:19: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( v, "T" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31254:19: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( v, "F" );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31349:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( c, d, ncc );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31376:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( *name ) *name = (char *) astRealloc( (void *) *name, strlen( *name ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31377:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( *comment ) *comment = (char *) astRealloc( (void *) *comment, strlen( *comment ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:31378:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( *value ) *value = (char *) astRealloc( (void *) *value, strlen( *value ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:32367:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ctype && strlen(ctype) > 4 && !strncmp( ctype + 4, "-TAB", 4 ) ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:32576:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( name, ctype, 4 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33497:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i2 = strlen( string ) - 1;
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33827:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = a + strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33848:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( buff, a, nc );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33894:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = a + strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:33915:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( buff, a, nc );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34469:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( ctype );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34501:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen( ctype );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:34556:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen( ctype );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35103:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35119:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35135:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35152:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35169:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35185:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35201:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35217:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35233:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35249:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35265:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35281:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35297:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35313:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35361:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35377:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35393:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35409:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35427:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35443:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35459:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35483:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35499:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35515:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35531:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35595:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35611:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35627:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35643:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keynam[ strlen( keynam ) - 1 ];
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35885:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( cval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:35901:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tabaxis[ i ] = ( prj == AST__WCSBAD && strlen( cval ) >= 8 &&
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37580:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( ckeyval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:37630:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( ckeyval );
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38080:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( sys ) == 1 ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:38411:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( algcode ) == 0 ) {
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:41653:101: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astMAKE_SET(FitsChan,FitsAxisOrder,const char *,fitsaxisorder,astStore( this->fitsaxisorder, value, strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:41922:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astStore( this->warnings, value, strlen( value ) + (size_t) 1 ) :
data/starlink-ast-9.2.3+dfsg/src/fitschan.c:42160:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->warnings ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1011:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = astStore( NULL, cval, strlen( cval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:1019:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unit = astStore( NULL, cval, strlen( cval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fitstable.c:2315:16: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf( dimbuf + nc, ")" );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:315:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:921:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:2708:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:2876:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value, strlen( value ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3428:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3694:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( usedunit ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:3844:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( j = 2; j < strlen( buff ); j++ ) buff[ j ] = tolower( buff[ j ] );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:4235:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( j = 0; j < strlen( buff ); j++ ) buff[ j ] = tolower( buff[ j ] );
data/starlink-ast-9.2.3+dfsg/src/fluxframe.c:4250:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sval, strlen( sval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/fplot.c:540:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ftext_length = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fplot.c:544:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fjust_length = strlen( just );
data/starlink-ast-9.2.3+dfsg/src/fplot.c:588:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ftext_length = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/fplot.c:592:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fjust_length = strlen( just );
data/starlink-ast-9.2.3+dfsg/src/frame.c:2201:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/frame.c:2555:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_units = astStore( NULL, units, strlen( units ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:3109:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( domainlist ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4103:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
domainlist_copy = astMalloc( strlen( domainlist ) + (size_t) 3 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4130:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
domain_copy = astMalloc( strlen( domain ) + (size_t) 3 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:4836:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/frame.c:7245:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( ptr ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:8567:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( value );
data/starlink-ast-9.2.3+dfsg/src/frame.c:9706:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/frame.c:10998:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/frame.c:12973:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value, strlen( value ) + (size_t) 1 ), status ))
data/starlink-ast-9.2.3+dfsg/src/frame.c:13444:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/frame.c:13659:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->title ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/frame.c:13661:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->domain ) +
data/starlink-ast-9.2.3+dfsg/src/frame.c:15367:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( fvalue ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:1744:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
myname = astStore( NULL, name, strlen( name ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:1799:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( dom ) dom = astStore( NULL, dom, strlen( dom ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:3301:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( domainlist ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:3915:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( domainlist ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:6943:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nc + strlen(dom) + 1 ) < GETALLVARIANTS_BUFF_LEN ) {
data/starlink-ast-9.2.3+dfsg/src/frameset.c:9440:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:9860:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
myvar = astStore( NULL, variant, strlen( variant ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:9913:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( dom ) dom = astStore( NULL, dom, strlen( dom ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/frameset.c:11800:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( settings );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2635:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( newjust, just, 2 );
data/starlink-ast-9.2.3+dfsg/src/grf3d_pgplot.c:2773:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/grf_pgplot.c:1291:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ftext_length = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/grf_pgplot.c:1317:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ftext_length = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/grf_pgplot.c:1367:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ftext_length = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/grismmap.c:1319:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/intramap.c:909:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astStore( NULL, purpose, strlen( purpose ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/intramap.c:911:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astStore( NULL, author, strlen( author ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/intramap.c:913:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
astStore( NULL, contact, strlen( contact ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/intramap.c:1677:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/intramap.c:2097:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) +
data/starlink-ast-9.2.3+dfsg/src/intramap.c:2152:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->intraflag ) +
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1956:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1961:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1972:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1977:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1988:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:1993:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2005:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2009:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2020:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( ( nval == 1 ) && ( nc >= (int) strlen( cval ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2148:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = strlen( cvalue ) + 1;
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2240:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result->key = text ? astStore( NULL, text, strlen( text ) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2242:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result->comment = text ? astStore( NULL, text, strlen( text ) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2256:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( text ) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/keymap.c:2268:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slist[ i ] = text ? astStore( NULL, text, strlen( text ) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4341:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4501:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen( key ); \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4503:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( comment ) mapentry->comment = astStore( NULL, comment, strlen( comment ) + 1 ); \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4572:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAKE_MAPPUT0(C,const char *,AST__STRINGTYPE,astStore(NULL,value,strlen(value)+1))
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4727:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen( key ); \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4729:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( comment ) mapentry->comment = astStore( NULL, comment, strlen( comment ) + 1 ); \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4805:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAKE_MAPPUT1(C,const char *const,AST__STRINGTYPE,astStore(NULL,value[i],strlen(value[i])+1))
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4883:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen( key );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:4885:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( comment ) mapentry->comment = astStore( NULL, comment, strlen( comment ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5026:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen( key );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5028:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( comment ) mapentry->comment = astStore( NULL, comment, strlen( comment ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:5994:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( val, cvalue, l - 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:6859:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( value, cvalue, l - 1 );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:7417:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen( newkey );
data/starlink-ast-9.2.3+dfsg/src/keymap.c:8150:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*cp = astStore( NULL, *cp, strlen( *cp ) + 1 ); \
data/starlink-ast-9.2.3+dfsg/src/keymap.c:8877:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:1119:8: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int equal; /* Are LutMaps equal? */
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:1209:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if( equal ) {
data/starlink-ast-9.2.3+dfsg/src/lutmap.c:1297:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/mapping.c:16294:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:3073:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( *exprs )[ ifun ] = astMalloc( strlen( ex ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:4529:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
found = ( nc == (int) strlen( var[ *ivar ] ) ) &&
data/starlink-ast-9.2.3+dfsg/src/mathmap.c:5015:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/memory.c:621:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = *nc + (int) strlen( str2 );
data/starlink-ast-9.2.3+dfsg/src/memory.c:897:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nct = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/memory.c:1373:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( str );
data/starlink-ast-9.2.3+dfsg/src/memory.c:1771:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( w, ws, wl );
data/starlink-ast-9.2.3+dfsg/src/memory.c:2121:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cptr = astStore( NULL, pattern, strlen( pattern ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/memory.c:2149:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = strlen( temp );
data/starlink-ast-9.2.3+dfsg/src/memory.c:2200:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = ChrMatcher( test, test + strlen( test ), template, pattern,
data/starlink-ast-9.2.3+dfsg/src/memory.c:2448:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nct = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/memory.c:3208:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
na = strlen( a );
data/starlink-ast-9.2.3+dfsg/src/memory.c:3380:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stl = strlen( subs[ i ] );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4368:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( string );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4444:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen( string );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4579:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lstr = strlen( str );
data/starlink-ast-9.2.3+dfsg/src/memory.c:4790:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem = astCalloc( 1, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/memory.c:5538:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( mem->file, AST__GLOBALS->Error.Current_File, sizeof(mem->file) );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4949:15: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
nc = sprintf( token, "]" );
data/starlink-ast-9.2.3+dfsg/src/moc.c:4971:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
nc = sprintf( token, "}" );
data/starlink-ast-9.2.3+dfsg/src/moc.c:8518:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/mocchan.c:685:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/mocchan.c:886:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line ) result = astString( line, (int) strlen( line ) );
data/starlink-ast-9.2.3+dfsg/src/mocchan.c:937:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( result ) *nc = strlen( result ) ;
data/starlink-ast-9.2.3+dfsg/src/object.c:1120:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/object.c:1415:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->ident = astStore( NULL, this->ident, strlen( this->ident ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:1876:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->vtab->defaults = astStore( NULL, attrs, strlen( attrs ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:2021:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff = astMalloc( strlen( attrib ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:2575:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ( nval == 1 ) && ( nc >= (int) strlen( str ) ) ) { \
data/starlink-ast-9.2.3+dfsg/src/object.c:2640:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value, strlen( value ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:3281:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/object.c:3889:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newv = astMalloc( (size_t)( strlen( value ) + 1 ) );
data/starlink-ast-9.2.3+dfsg/src/object.c:4065:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/object.c:4425:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( p ) ;
data/starlink-ast-9.2.3+dfsg/src/object.c:4439:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( value ) ;
data/starlink-ast-9.2.3+dfsg/src/object.c:4575:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = nl ? nl - data->ptr : strlen( data->ptr );
data/starlink-ast-9.2.3+dfsg/src/object.c:4704:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( settings );
data/starlink-ast-9.2.3+dfsg/src/object.c:4785:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( buff1 );
data/starlink-ast-9.2.3+dfsg/src/object.c:5027:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/object.c:5069:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:909:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:1087:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:1969:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/pcdmap.c:2066:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/plot.c:4644:4: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getchar();
data/starlink-ast-9.2.3+dfsg/src/plot.c:6105:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( label ) + 1;
data/starlink-ast-9.2.3+dfsg/src/plot.c:6127:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list[ i ] = (char *) astStore( NULL, (void *) label, strlen( label ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:6254:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llen = strlen( label );
data/starlink-ast-9.2.3+dfsg/src/plot.c:6258:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( llen > strlen( old_list[ i ] ) ) {
data/starlink-ast-9.2.3+dfsg/src/plot.c:6335:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen( string );
data/starlink-ast-9.2.3+dfsg/src/plot.c:6547:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/plot.c:7774:8: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if( getchar() == 'm' ) {
data/starlink-ast-9.2.3+dfsg/src/plot.c:9937:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lt = (char *) astStore( NULL, (void *) text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:11220:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(labellist + naxlab)->text = (char *) astStore( NULL, (void *) text, strlen(text) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:11221:93: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(labellist + naxlab)->just = (char *) astStore( NULL, (void *) just[ axis ], strlen(just[ axis ]) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:12324:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*nc = strlen( text );
data/starlink-ast-9.2.3+dfsg/src/plot.c:13142:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen( value );
data/starlink-ast-9.2.3+dfsg/src/plot.c:15574:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/plot.c:18129:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlen = strlen( desc );
data/starlink-ast-9.2.3+dfsg/src/plot.c:18132:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = astStore( NULL, desc, dlen + strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:19520:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if( nc < strlen( text ) ) {
data/starlink-ast-9.2.3+dfsg/src/plot.c:21209:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(labellist + nlab)->text = (char *) astStore( NULL, (void *) text, strlen(text) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:21212:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(labellist + nlab)->just = (char *) astStore( NULL, (void *) just, strlen(just) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:23818:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lolen = strlen( textlo );
data/starlink-ast-9.2.3+dfsg/src/plot.c:23819:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hilen = strlen( texthi );
data/starlink-ast-9.2.3+dfsg/src/plot.c:24970:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/plot.c:25934:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/plot.c:27440:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_format = astStore( NULL, (void *) fmt, strlen(fmt) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:27503:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( fmt ) used_fmt = (char *) astStore( used_fmt, (void *) fmt, strlen( fmt ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot.c:27587:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used_fmt = (char *) astStore( NULL, (void *) fmt, strlen( fmt ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:2340:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:3232:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:5615:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/plot3d.c:6532:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/pointlist.c:2127:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/pointset.c:1979:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/polygon.c:5121:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/polymap.c:4383:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/prism.c:2923:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( batt );
data/starlink-ast-9.2.3+dfsg/src/prism.c:3056:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( bset );
data/starlink-ast-9.2.3+dfsg/src/region.c:8446:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( aattrib );
data/starlink-ast-9.2.3+dfsg/src/region.c:8465:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/region.c:8482:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
battrib = astMalloc( strlen( attrib ) + 10 );
data/starlink-ast-9.2.3+dfsg/src/region.c:8526:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*base_attrib = astStore( NULL, attrib, strlen( attrib ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/region.c:9882:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( asetting );
data/starlink-ast-9.2.3+dfsg/src/region.c:9901:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/region.c:9918:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bsetting = astMalloc( strlen( setting ) + 10 );
data/starlink-ast-9.2.3+dfsg/src/region.c:9964:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*base_setting = astStore( NULL, setting, strlen( setting ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/region.c:10373:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:676:8: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int equal;
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:758:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if( equal ) {
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:1574:8: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int equal; /* Are Frames equal? */
data/starlink-ast-9.2.3+dfsg/src/selectormap.c:1594:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if( !equal ) {
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:646:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = t + strlen( term );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:704:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = t + strlen( term );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:752:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = t + strlen( term );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:3673:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:3756:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( format ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/skyaxis.c:4565:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->skyformat ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:1450:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:2643:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:4637:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( lextra = (int) strlen( extra ); lextra > 0; lextra-- ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:8596:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:8662:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( nc == strlen( setting + offset ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:8716:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( nc == strlen( setting + offset ) ) {
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:10347:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11354:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->projection, value, strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/skyframe.c:11607:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->projection ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:479:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1273:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:1599:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( getlabel_buff + strlen( getlabel_buff ), " offset from %s",
data/starlink-ast-9.2.3+dfsg/src/specframe.c:3646:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:4232:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value, strlen( value ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:5359:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6414:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( usedunit ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:6687:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( j = 2; j < strlen( buff ); j++ ) buff[ j ] = tolower( buff[ j ] );
data/starlink-ast-9.2.3+dfsg/src/specframe.c:7207:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sval, strlen( sval ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/sphmap.c:1014:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/stc.c:309:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/stc.c:788:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/stc.c:2507:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/stc.c:2857:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:464:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( prefix );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:484:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( word );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1296:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( result );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1343:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( astOK && result && strlen( result ) > MXWORDLEN ){
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:1345:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
"characters): %.*s...", status, strlen( result ),
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:5291:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:5627:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line ) result = astString( line, (int) strlen( line ) );
data/starlink-ast-9.2.3+dfsg/src/stcschan.c:6910:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unit1 = astStore( NULL, unit, strlen( unit ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:950:8: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int equal;
data/starlink-ast-9.2.3+dfsg/src/switchmap.c:1023:14: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if( equal ) {
data/starlink-ast-9.2.3+dfsg/src/table.c:710:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/table.c:1180:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/table.c:3030:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAKE_MAPPUT0(C,c,const char *,AST__STRINGTYPE,astStore(NULL,value,strlen(value)+1))
data/starlink-ast-9.2.3+dfsg/src/table.c:3162:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAKE_MAPPUT1(C,c,const char *const,AST__STRINGTYPE,astStore(NULL,value[i],strlen(value[i])+1))
data/starlink-ast-9.2.3+dfsg/src/table.c:3609:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nctot >= strlen( key ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/table.c:4063:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/table.c:4193:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:694:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( date ) date1 = astStore( NULL, date, strlen( date ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:696:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( date ) date2 = astStore( NULL, date, strlen( date ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:701:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nres = strlen( date1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:940:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2197:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2672:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fmt = astStore( NULL, fmt, strlen( fmt ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2679:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( getlabel_buff + strlen( getlabel_buff ), " offset from %s",
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2693:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( !strcmp( getlabel_buff + strlen( getlabel_buff ) - 8, "00:00:00" ) ) {
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:2694:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
getlabel_buff[ strlen( getlabel_buff ) - 8 ] = 0;
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3206:18: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
nc = sprintf( gettitle_buff + pos, "]" );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:3218:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fmt = astStore( NULL, fmt, strlen( fmt ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:4655:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:5775:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6159:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_fmt = astStore( NULL, txt, strlen( txt ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/timeframe.c:6207:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( lt >= l ) lt = strlen( string );
data/starlink-ast-9.2.3+dfsg/src/unit.c:398:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen( t );
data/starlink-ast-9.2.3+dfsg/src/unit.c:429:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( w, t, s - t );
data/starlink-ast-9.2.3+dfsg/src/unit.c:472:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( tok[ i ] );
data/starlink-ast-9.2.3+dfsg/src/unit.c:1262:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( tree->name ) + 1 ) : NULL;
data/starlink-ast-9.2.3+dfsg/src/unit.c:1348:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = MakeTree( cleanex, strlen( cleanex ), lock, status );
data/starlink-ast-9.2.3+dfsg/src/unit.c:1574:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = strlen( test );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2874:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = strlen( newtree->name );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2908:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2926:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2944:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2955:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2974:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:2977:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg1 = strlen( arg1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3016:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3019:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg1 = strlen( arg1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3055:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg0 = strlen( arg0 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3058:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
larg1 = strlen( arg1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3194:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result->symlen = strlen( sym );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3197:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result->lablen = strlen( label );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3308:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lfwd = strlen( fwdexp );
data/starlink-ast-9.2.3+dfsg/src/unit.c:3335:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linv = strlen( invexp );
data/starlink-ast-9.2.3+dfsg/src/unit.c:5028:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lu = strlen( u );
data/starlink-ast-9.2.3+dfsg/src/unit.c:5469:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( in_lab ) *out_lab = astStore( NULL, in_lab, strlen( in_lab ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:5510:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( in_lab ) *out_lab = astStore( NULL, in_lab, strlen( in_lab ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/unit.c:5707:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = exp + strlen( exp ) - 1;
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1192:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:1811:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:3768:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/wcsmap.c:4038:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( attrib );
data/starlink-ast-9.2.3+dfsg/src/xml.c:458:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = astMalloc( 6*strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:1280:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->defns = astStore( this->defns, uri, strlen( uri ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:1526:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( elem->defns ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:2147:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( result ) > AST__XML_GETTAG_BUFF_LEN ) {
data/starlink-ast-9.2.3+dfsg/src/xml.c:2148:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( gettag_buff, result, AST__XML_GETTAG_BUFF_LEN -3 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:2151:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( gettag_buff, result, AST__XML_GETTAG_BUFF_LEN );
data/starlink-ast-9.2.3+dfsg/src/xml.c:3360:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:3889:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( prefix_buffer, name0, len );
data/starlink-ast-9.2.3+dfsg/src/xml.c:3892:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( colon + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4412:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( name ) - ( colon - name ) - 1;
data/starlink-ast-9.2.3+dfsg/src/xml.c:4426:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->name = astStore( NULL, newname, strlen( newname ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4427:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->value = astStore( NULL, value, strlen( value ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4430:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( newpref );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4490:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->text = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4554:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->text = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4604:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->text = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4661:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->text = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4712:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->text = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4820:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->name = astStore( NULL, name, strlen( name ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4821:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->external = astStore( NULL, external, strlen( external ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4822:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->internal = astStore( NULL, internal, strlen( internal ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4892:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( name ) - ( colon - name ) - 1;
data/starlink-ast-9.2.3+dfsg/src/xml.c:4906:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->name = astStore( NULL, newname, strlen( newname ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4918:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( newpref );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4984:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->prefix = astStore( NULL, prefix, strlen( prefix ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:4985:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->uri = astStore( NULL, uri, strlen( uri ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:5105:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->target = astStore( NULL, target, strlen( target ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:5106:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->text = astStore( NULL, text, strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xml.c:5215:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( name ) - ( colon - name ) - 1;
data/starlink-ast-9.2.3+dfsg/src/xml.c:5543:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = astMalloc( strlen( text ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:938:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = text ? strlen( text ) : 0;
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:943:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = text ? strlen( text ) : 0;
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1429:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
anames[ axis ] = astStore( NULL, nam, strlen( nam ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1430:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
anames[ axis + 1 ] = astStore( NULL, nam, strlen( nam ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1476:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
anames[ axis ] = astStore( NULL, nam, strlen( nam ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1516:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
anames[ axis ] = astStore( NULL, nam, strlen( nam ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1548:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
anames[ axis ] = astStore( NULL, nam, strlen( nam ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:1597:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( empty && strlen( anames[ i ] ) > 0 ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2007:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( iso && astUnformat( cfrm, 0, iso, &val ) != strlen( iso ) ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2281:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:2358:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( value );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3611:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( text ) > 30 ) text[ 30 ] = 0;
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:3684:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value ) ) );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5064:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
class = astStore( NULL, ptr, strlen( ptr ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5568:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l1 = strlen( words[ 0 ] );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:5569:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l2 = strlen( words[ 1 ] );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7250:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7254:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value ) ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7366:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& ( nc >= (int) strlen( value ) ) ) ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7572:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = astStore( NULL, value, strlen( value ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7595:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = astStore( NULL, def, strlen( def ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7856:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( sysatt ) && strlen( orgatt ) ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7856:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( sysatt ) && strlen( orgatt ) ) {
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:7867:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( old_unit ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8605:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pl = strlen( punit );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:8606:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tl = strlen( tunit );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9019:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen( name );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9057:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( text ) > 30 ) text[ 30 ] = 0;
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9151:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:9307:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line ) result = astString( line, (int) strlen( line ) );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10141:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( title ) title = astStore( NULL, title, strlen( title ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:10517:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( text ) > 30 ) text[ 30 ] = 0;
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11244:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( title ) title = astStore( NULL, title, strlen( title ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:11256:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
funit = astStore( NULL, funit, strlen( funit ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:12722:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->objectname = ( name && strlen( name ) ) ? name : NULL;
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:13137:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( value ) + (size_t) 1 ))
data/starlink-ast-9.2.3+dfsg/src/xmlchan.c:13195:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( in->xmlprefix ) + (size_t) 1 );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:1211:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:1401:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line ) result = astString( line, (int) strlen( line ) );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:2583:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n1 = strlen( buf );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:3394:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if( !strncmp( result, STSCI_TAG, strlen(STSCI_TAG) ) ) {
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:3395:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen(STSCI_TAG);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:3397:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if( !strncmp( result, ASTROPY_TAG, strlen(ASTROPY_TAG) ) ) {
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:3398:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen( ASTROPY_TAG );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:4143:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( nc != strlen( value ) && astOK ) {
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5283:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while( astOK && text && strlen( text ) == 0 ) {
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:5297:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*size_read = strlen( text ) + 1;
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:8163:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( axes_order && strlen( axes_order) != nang && astOK ){
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:8166:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
axes_order, (int) strlen( axes_order) );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:8383:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nc = strlen( name );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:8632:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
km_class = astStore( NULL, km_class, strlen( km_class) + 1 );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:9383:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( name ) name = astStore( NULL, name, strlen(name) + 1 );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:9627:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( class ) class = astStore( NULL, class, strlen( class ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:9648:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( class && !strncmp( GWCS_TAG"wcs-", class, strlen(GWCS_TAG"wcs-") ) ){
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:9834:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id = astStore( NULL, id, strlen( id ) + 1 );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:9949:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key = astMalloc( strlen(id) + 10 );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10681:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(yaml_char_t *) key, strlen(key), 1, 0,
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10755:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(yaml_char_t *) key, strlen(key), 1, 0,
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10925:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(key), 1, 0, YAML_PLAIN_SCALAR_STYLE);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:10931:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(yaml_char_t *) value, strlen(value),
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11298:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(key), 1, 1, YAML_PLAIN_SCALAR_STYLE);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11306:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buff), 1, 1, YAML_PLAIN_SCALAR_STYLE );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11357:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(key), 1, 1, YAML_PLAIN_SCALAR_STYLE);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11365:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buff), 1, 1, YAML_PLAIN_SCALAR_STYLE );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11431:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(key), 1, 1, YAML_PLAIN_SCALAR_STYLE);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11452:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(yaml_char_t *) *pv, strlen(*pv),
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11515:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(key), 1, 1, YAML_PLAIN_SCALAR_STYLE);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11531:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buff), 1, 1, YAML_PLAIN_SCALAR_STYLE );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11590:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(key), 1, 1, YAML_PLAIN_SCALAR_STYLE);
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:11606:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buff), 1, 1, YAML_PLAIN_SCALAR_STYLE );
data/starlink-ast-9.2.3+dfsg/src/yamlchan.c:14960:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LibYamlWriter( this, (yaml_char_t *) ASDF_HEADER, strlen(ASDF_HEADER) );
data/starlink-ast-9.2.3+dfsg/src/zoommap.c:1420:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen( setting );
ANALYSIS SUMMARY:
Hits = 2961
Lines analyzed = 518168 in approximately 15.77 seconds (32860 lines/second)
Physical Source Lines of Code (SLOC) = 189848
Hits@level = [0] 132 [1] 557 [2] 1845 [3] 4 [4] 555 [5] 0
Hits@level+ = [0+] 3093 [1+] 2961 [2+] 2404 [3+] 559 [4+] 555 [5+] 0
Hits/KSLOC@level+ = [0+] 16.292 [1+] 15.5967 [2+] 12.6628 [3+] 2.94446 [4+] 2.92339 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.