Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/sylpheed-3.7.0/libsylph/enums.h Examining data/sylpheed-3.7.0/libsylph/account.h Examining data/sylpheed-3.7.0/libsylph/base64.h Examining data/sylpheed-3.7.0/libsylph/codeconv.h Examining data/sylpheed-3.7.0/libsylph/customheader.h Examining data/sylpheed-3.7.0/libsylph/displayheader.h Examining data/sylpheed-3.7.0/libsylph/filter.h Examining data/sylpheed-3.7.0/libsylph/folder.h Examining data/sylpheed-3.7.0/libsylph/html.h Examining data/sylpheed-3.7.0/libsylph/imap.h Examining data/sylpheed-3.7.0/libsylph/mbox.h Examining data/sylpheed-3.7.0/libsylph/md5.h Examining data/sylpheed-3.7.0/libsylph/md5_hmac.h Examining data/sylpheed-3.7.0/libsylph/mh.h Examining data/sylpheed-3.7.0/libsylph/news.h Examining data/sylpheed-3.7.0/libsylph/nntp.h Examining data/sylpheed-3.7.0/libsylph/pop.h Examining data/sylpheed-3.7.0/libsylph/prefs.h Examining data/sylpheed-3.7.0/libsylph/prefs_account.h Examining data/sylpheed-3.7.0/libsylph/prefs_common.h Examining data/sylpheed-3.7.0/libsylph/procheader.h Examining data/sylpheed-3.7.0/libsylph/procmime.h Examining data/sylpheed-3.7.0/libsylph/procmsg.h Examining data/sylpheed-3.7.0/libsylph/quoted-printable.h Examining data/sylpheed-3.7.0/libsylph/recv.h Examining data/sylpheed-3.7.0/libsylph/session.h Examining data/sylpheed-3.7.0/libsylph/smtp.h Examining data/sylpheed-3.7.0/libsylph/socket.h Examining data/sylpheed-3.7.0/libsylph/socks.h Examining data/sylpheed-3.7.0/libsylph/ssl.h Examining data/sylpheed-3.7.0/libsylph/ssl_hostname_validation.h Examining data/sylpheed-3.7.0/libsylph/stringtable.h Examining data/sylpheed-3.7.0/libsylph/sylmain.h Examining data/sylpheed-3.7.0/libsylph/unmime.h Examining data/sylpheed-3.7.0/libsylph/utils.h Examining data/sylpheed-3.7.0/libsylph/uuencode.h Examining data/sylpheed-3.7.0/libsylph/virtual.h Examining data/sylpheed-3.7.0/libsylph/xml.h 
Examining data/sylpheed-3.7.0/libsylph/syl-marshal.h Examining data/sylpheed-3.7.0/libsylph/account.c Examining data/sylpheed-3.7.0/libsylph/base64.c Examining data/sylpheed-3.7.0/libsylph/codeconv.c Examining data/sylpheed-3.7.0/libsylph/customheader.c Examining data/sylpheed-3.7.0/libsylph/displayheader.c Examining data/sylpheed-3.7.0/libsylph/filter.c Examining data/sylpheed-3.7.0/libsylph/folder.c Examining data/sylpheed-3.7.0/libsylph/html.c Examining data/sylpheed-3.7.0/libsylph/imap.c Examining data/sylpheed-3.7.0/libsylph/mbox.c Examining data/sylpheed-3.7.0/libsylph/md5.c Examining data/sylpheed-3.7.0/libsylph/md5_hmac.c Examining data/sylpheed-3.7.0/libsylph/mh.c Examining data/sylpheed-3.7.0/libsylph/news.c Examining data/sylpheed-3.7.0/libsylph/nntp.c Examining data/sylpheed-3.7.0/libsylph/pop.c Examining data/sylpheed-3.7.0/libsylph/prefs.c Examining data/sylpheed-3.7.0/libsylph/prefs_account.c Examining data/sylpheed-3.7.0/libsylph/procheader.c Examining data/sylpheed-3.7.0/libsylph/procmime.c Examining data/sylpheed-3.7.0/libsylph/procmsg.c Examining data/sylpheed-3.7.0/libsylph/recv.c Examining data/sylpheed-3.7.0/libsylph/session.c Examining data/sylpheed-3.7.0/libsylph/smtp.c Examining data/sylpheed-3.7.0/libsylph/socket.c Examining data/sylpheed-3.7.0/libsylph/socks.c Examining data/sylpheed-3.7.0/libsylph/ssl_hostname_validation.c Examining data/sylpheed-3.7.0/libsylph/stringtable.c Examining data/sylpheed-3.7.0/libsylph/sylmain.c Examining data/sylpheed-3.7.0/libsylph/unmime.c Examining data/sylpheed-3.7.0/libsylph/utils.c Examining data/sylpheed-3.7.0/libsylph/uuencode.c Examining data/sylpheed-3.7.0/libsylph/virtual.c Examining data/sylpheed-3.7.0/libsylph/xml.c Examining data/sylpheed-3.7.0/libsylph/syl-marshal.c Examining data/sylpheed-3.7.0/libsylph/defs.h Examining data/sylpheed-3.7.0/libsylph/prefs_common.c Examining data/sylpheed-3.7.0/libsylph/quoted-printable.c Examining data/sylpheed-3.7.0/libsylph/ssl.c Examining 
data/sylpheed-3.7.0/src/quote_fmt_lex.c Examining data/sylpheed-3.7.0/src/quote_fmt_parse.h Examining data/sylpheed-3.7.0/src/quote_fmt_parse.c Examining data/sylpheed-3.7.0/src/plugin.h Examining data/sylpheed-3.7.0/src/plugin-types.h Examining data/sylpheed-3.7.0/src/plugin-marshal.c Examining data/sylpheed-3.7.0/src/plugin-marshal.h Examining data/sylpheed-3.7.0/src/plugin.c Examining data/sylpheed-3.7.0/src/version.h Examining data/sylpheed-3.7.0/src/main.c Examining data/sylpheed-3.7.0/src/main.h Examining data/sylpheed-3.7.0/src/mainwindow.h Examining data/sylpheed-3.7.0/src/folderview.c Examining data/sylpheed-3.7.0/src/folderview.h Examining data/sylpheed-3.7.0/src/summaryview.c Examining data/sylpheed-3.7.0/src/summaryview.h Examining data/sylpheed-3.7.0/src/messageview.c Examining data/sylpheed-3.7.0/src/messageview.h Examining data/sylpheed-3.7.0/src/headerview.c Examining data/sylpheed-3.7.0/src/headerview.h Examining data/sylpheed-3.7.0/src/textview.c Examining data/sylpheed-3.7.0/src/textview.h Examining data/sylpheed-3.7.0/src/imageview.c Examining data/sylpheed-3.7.0/src/imageview.h Examining data/sylpheed-3.7.0/src/mimeview.c Examining data/sylpheed-3.7.0/src/mimeview.h Examining data/sylpheed-3.7.0/src/quick_search.c Examining data/sylpheed-3.7.0/src/quick_search.h Examining data/sylpheed-3.7.0/src/query_search.c Examining data/sylpheed-3.7.0/src/query_search.h Examining data/sylpheed-3.7.0/src/message_search.c Examining data/sylpheed-3.7.0/src/message_search.h Examining data/sylpheed-3.7.0/src/colorlabel.c Examining data/sylpheed-3.7.0/src/colorlabel.h Examining data/sylpheed-3.7.0/src/action.c Examining data/sylpheed-3.7.0/src/action.h Examining data/sylpheed-3.7.0/src/compose.h Examining data/sylpheed-3.7.0/src/gtkshruler.c Examining data/sylpheed-3.7.0/src/gtkshruler.h Examining data/sylpheed-3.7.0/src/menu.c Examining data/sylpheed-3.7.0/src/menu.h Examining data/sylpheed-3.7.0/src/stock_pixmap.c Examining 
data/sylpheed-3.7.0/src/stock_pixmap.h Examining data/sylpheed-3.7.0/src/prefs_ui.c Examining data/sylpheed-3.7.0/src/prefs_ui.h Examining data/sylpheed-3.7.0/src/prefs_common_dialog.h Examining data/sylpheed-3.7.0/src/prefs_filter.c Examining data/sylpheed-3.7.0/src/prefs_filter.h Examining data/sylpheed-3.7.0/src/prefs_filter_edit.c Examining data/sylpheed-3.7.0/src/prefs_filter_edit.h Examining data/sylpheed-3.7.0/src/prefs_account_dialog.c Examining data/sylpheed-3.7.0/src/prefs_account_dialog.h Examining data/sylpheed-3.7.0/src/prefs_folder_item.c Examining data/sylpheed-3.7.0/src/prefs_folder_item.h Examining data/sylpheed-3.7.0/src/prefs_display_items.c Examining data/sylpheed-3.7.0/src/prefs_display_items.h Examining data/sylpheed-3.7.0/src/prefs_display_header.c Examining data/sylpheed-3.7.0/src/prefs_display_header.h Examining data/sylpheed-3.7.0/src/prefs_customheader.c Examining data/sylpheed-3.7.0/src/prefs_customheader.h Examining data/sylpheed-3.7.0/src/prefs_summary_column.c Examining data/sylpheed-3.7.0/src/prefs_summary_column.h Examining data/sylpheed-3.7.0/src/prefs_template.c Examining data/sylpheed-3.7.0/src/prefs_template.h Examining data/sylpheed-3.7.0/src/prefs_actions.c Examining data/sylpheed-3.7.0/src/prefs_actions.h Examining data/sylpheed-3.7.0/src/prefs_search_folder.c Examining data/sylpheed-3.7.0/src/prefs_search_folder.h Examining data/sylpheed-3.7.0/src/prefs_toolbar.c Examining data/sylpheed-3.7.0/src/prefs_toolbar.h Examining data/sylpheed-3.7.0/src/account_dialog.c Examining data/sylpheed-3.7.0/src/account_dialog.h Examining data/sylpheed-3.7.0/src/template.c Examining data/sylpheed-3.7.0/src/template.h Examining data/sylpheed-3.7.0/src/addressbook.h Examining data/sylpheed-3.7.0/src/addr_compl.c Examining data/sylpheed-3.7.0/src/addr_compl.h Examining data/sylpheed-3.7.0/src/addressitem.h Examining data/sylpheed-3.7.0/src/addritem.c Examining data/sylpheed-3.7.0/src/addritem.h Examining data/sylpheed-3.7.0/src/addrcache.c 
Examining data/sylpheed-3.7.0/src/addrcache.h Examining data/sylpheed-3.7.0/src/addrbook.c Examining data/sylpheed-3.7.0/src/addrbook.h Examining data/sylpheed-3.7.0/src/addrindex.c Examining data/sylpheed-3.7.0/src/addrindex.h Examining data/sylpheed-3.7.0/src/mgutils.c Examining data/sylpheed-3.7.0/src/mgutils.h Examining data/sylpheed-3.7.0/src/vcard.c Examining data/sylpheed-3.7.0/src/vcard.h Examining data/sylpheed-3.7.0/src/ldif.c Examining data/sylpheed-3.7.0/src/ldif.h Examining data/sylpheed-3.7.0/src/importldif.c Examining data/sylpheed-3.7.0/src/importldif.h Examining data/sylpheed-3.7.0/src/importcsv.c Examining data/sylpheed-3.7.0/src/importcsv.h Examining data/sylpheed-3.7.0/src/exportcsv.c Examining data/sylpheed-3.7.0/src/exportcsv.h Examining data/sylpheed-3.7.0/src/jpilot.c Examining data/sylpheed-3.7.0/src/jpilot.h Examining data/sylpheed-3.7.0/src/syldap.c Examining data/sylpheed-3.7.0/src/syldap.h Examining data/sylpheed-3.7.0/src/editbook.c Examining data/sylpheed-3.7.0/src/editbook.h Examining data/sylpheed-3.7.0/src/editgroup.c Examining data/sylpheed-3.7.0/src/editgroup.h Examining data/sylpheed-3.7.0/src/editaddress.c Examining data/sylpheed-3.7.0/src/editaddress.h Examining data/sylpheed-3.7.0/src/editvcard.c Examining data/sylpheed-3.7.0/src/editvcard.h Examining data/sylpheed-3.7.0/src/editjpilot.c Examining data/sylpheed-3.7.0/src/editjpilot.h Examining data/sylpheed-3.7.0/src/editldap.c Examining data/sylpheed-3.7.0/src/editldap.h Examining data/sylpheed-3.7.0/src/editldap_basedn.c Examining data/sylpheed-3.7.0/src/editldap_basedn.h Examining data/sylpheed-3.7.0/src/addressadd.c Examining data/sylpheed-3.7.0/src/addressadd.h Examining data/sylpheed-3.7.0/src/filesel.c Examining data/sylpheed-3.7.0/src/filesel.h Examining data/sylpheed-3.7.0/src/foldersel.c Examining data/sylpheed-3.7.0/src/foldersel.h Examining data/sylpheed-3.7.0/src/statusbar.c Examining data/sylpheed-3.7.0/src/statusbar.h Examining 
data/sylpheed-3.7.0/src/logwindow.c Examining data/sylpheed-3.7.0/src/logwindow.h Examining data/sylpheed-3.7.0/src/sourcewindow.c Examining data/sylpheed-3.7.0/src/sourcewindow.h Examining data/sylpheed-3.7.0/src/manage_window.c Examining data/sylpheed-3.7.0/src/manage_window.h Examining data/sylpheed-3.7.0/src/undo.c Examining data/sylpheed-3.7.0/src/undo.h Examining data/sylpheed-3.7.0/src/alertpanel.c Examining data/sylpheed-3.7.0/src/alertpanel.h Examining data/sylpheed-3.7.0/src/inputdialog.c Examining data/sylpheed-3.7.0/src/inputdialog.h Examining data/sylpheed-3.7.0/src/progressdialog.c Examining data/sylpheed-3.7.0/src/progressdialog.h Examining data/sylpheed-3.7.0/src/subscribedialog.c Examining data/sylpheed-3.7.0/src/subscribedialog.h Examining data/sylpheed-3.7.0/src/about.c Examining data/sylpheed-3.7.0/src/about.h Examining data/sylpheed-3.7.0/src/setup.c Examining data/sylpheed-3.7.0/src/setup.h Examining data/sylpheed-3.7.0/src/gtkutils.c Examining data/sylpheed-3.7.0/src/gtkutils.h Examining data/sylpheed-3.7.0/src/send_message.c Examining data/sylpheed-3.7.0/src/send_message.h Examining data/sylpheed-3.7.0/src/inc.c Examining data/sylpheed-3.7.0/src/inc.h Examining data/sylpheed-3.7.0/src/rpop3.c Examining data/sylpheed-3.7.0/src/rpop3.h Examining data/sylpheed-3.7.0/src/import.c Examining data/sylpheed-3.7.0/src/import.h Examining data/sylpheed-3.7.0/src/export.c Examining data/sylpheed-3.7.0/src/export.h Examining data/sylpheed-3.7.0/src/rfc2015.c Examining data/sylpheed-3.7.0/src/rfc2015.h Examining data/sylpheed-3.7.0/src/passphrase.c Examining data/sylpheed-3.7.0/src/passphrase.h Examining data/sylpheed-3.7.0/src/select-keys.c Examining data/sylpheed-3.7.0/src/select-keys.h Examining data/sylpheed-3.7.0/src/sigstatus.c Examining data/sylpheed-3.7.0/src/sigstatus.h Examining data/sylpheed-3.7.0/src/simple-gettext.c Examining data/sylpheed-3.7.0/src/manual.h Examining data/sylpheed-3.7.0/src/eggtrayicon.c Examining 
data/sylpheed-3.7.0/src/eggtrayicon.h Examining data/sylpheed-3.7.0/src/trayicon.c Examining data/sylpheed-3.7.0/src/trayicon.h Examining data/sylpheed-3.7.0/src/printing.c Examining data/sylpheed-3.7.0/src/printing.h Examining data/sylpheed-3.7.0/src/sslmanager.c Examining data/sylpheed-3.7.0/src/sslmanager.h Examining data/sylpheed-3.7.0/src/plugin_manager.c Examining data/sylpheed-3.7.0/src/plugin_manager.h Examining data/sylpheed-3.7.0/src/update_check.c Examining data/sylpheed-3.7.0/src/update_check.h Examining data/sylpheed-3.7.0/src/icons/stock_addressbook.h Examining data/sylpheed-3.7.0/src/icons/stock_attach.h Examining data/sylpheed-3.7.0/src/icons/stock_delete.h Examining data/sylpheed-3.7.0/src/icons/stock_delete_16.h Examining data/sylpheed-3.7.0/src/icons/stock_hand-signed.h Examining data/sylpheed-3.7.0/src/icons/stock_inbox.h Examining data/sylpheed-3.7.0/src/icons/stock_insert-file.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-compose.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-compose_16.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-forward.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-receive.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-reply-to-all.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-reply.h Examining data/sylpheed-3.7.0/src/icons/stock_mail-send.h Examining data/sylpheed-3.7.0/src/icons/stock_mail.h Examining data/sylpheed-3.7.0/src/icons/stock_mail_receive_all.h Examining data/sylpheed-3.7.0/src/icons/stock_mail_send_queue.h Examining data/sylpheed-3.7.0/src/icons/stock_outbox.h Examining data/sylpheed-3.7.0/src/icons/stock_person.h Examining data/sylpheed-3.7.0/src/icons/stock_book.h Examining data/sylpheed-3.7.0/src/icons/stock_spam.h Examining data/sylpheed-3.7.0/src/icons/stock_spam_16.h Examining data/sylpheed-3.7.0/src/icons/stock_notspam.h Examining data/sylpheed-3.7.0/src/icons/stock_sylpheed.h Examining data/sylpheed-3.7.0/src/icons/stock_sylpheed_16.h Examining 
data/sylpheed-3.7.0/src/icons/stock_sylpheed_32.h Examining data/sylpheed-3.7.0/src/icons/stock_sylpheed_newmail.h Examining data/sylpheed-3.7.0/src/icons/stock_sylpheed_newmail_16.h Examining data/sylpheed-3.7.0/src/icons/sylpheed-logo.h Examining data/sylpheed-3.7.0/src/icons/folder-close.h Examining data/sylpheed-3.7.0/src/icons/folder-open.h Examining data/sylpheed-3.7.0/src/icons/folder-noselect.h Examining data/sylpheed-3.7.0/src/icons/folder-search.h Examining data/sylpheed-3.7.0/src/icons/group.h Examining data/sylpheed-3.7.0/src/icons/html.h Examining data/sylpheed-3.7.0/src/quote_fmt_lex.h Examining data/sylpheed-3.7.0/src/quote_fmt.h Examining data/sylpheed-3.7.0/src/sylpheed-marshal.c Examining data/sylpheed-3.7.0/src/sylpheed-marshal.h Examining data/sylpheed-3.7.0/src/notificationwindow.c Examining data/sylpheed-3.7.0/src/notificationwindow.h Examining data/sylpheed-3.7.0/src/mainwindow.c Examining data/sylpheed-3.7.0/src/manual.c Examining data/sylpheed-3.7.0/src/prefs_common_dialog.c Examining data/sylpheed-3.7.0/src/addressbook.c Examining data/sylpheed-3.7.0/src/compose.c Examining data/sylpheed-3.7.0/plugin/attachment_tool/attachment_tool.c Examining data/sylpheed-3.7.0/plugin/test/test.c Examining data/sylpheed-3.7.0/plugin/test/test.h FINAL RESULTS: data/sylpheed-3.7.0/libsylph/utils.c:145:12: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. retval = chmod(cp_path, mode); data/sylpheed-3.7.0/libsylph/utils.c:154:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. return chmod(path, mode); data/sylpheed-3.7.0/libsylph/utils.h:61:18: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. 
#define g_chmod chmod data/sylpheed-3.7.0/libsylph/html.c:755:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(up, val); data/sylpheed-3.7.0/libsylph/html.c:758:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(up, symbol_name); data/sylpheed-3.7.0/libsylph/html.c:777:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(up, symbol_name); data/sylpheed-3.7.0/libsylph/imap.c:3841:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, user); data/sylpheed-3.7.0/libsylph/imap.c:3843:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, user); data/sylpheed-3.7.0/libsylph/imap.c:3845:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, pass); data/sylpheed-3.7.0/libsylph/mbox.c:112:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(from_line, buf); data/sylpheed-3.7.0/libsylph/mbox.c:183:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(from_line, buf); data/sylpheed-3.7.0/libsylph/nntp.c:370:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(argbuf, buf); data/sylpheed-3.7.0/libsylph/pop.c:510:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(buf, "%s\t%ld", uidl, &recv_time) != 2) { data/sylpheed-3.7.0/libsylph/pop.c:511:8: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(buf, "%s", uidl) != 1) data/sylpheed-3.7.0/libsylph/procheader.c:788:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, str); data/sylpheed-3.7.0/libsylph/procmime.c:993:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(prev_empty_line, buf); data/sylpheed-3.7.0/libsylph/procmime.c:1119:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(prev_empty_line, buf); data/sylpheed-3.7.0/libsylph/procmsg.c:1725:6: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
if (system(buf) != 0) data/sylpheed-3.7.0/libsylph/smtp.c:341:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, session->user); data/sylpheed-3.7.0/libsylph/smtp.c:343:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, session->pass); data/sylpheed-3.7.0/libsylph/utils.c:1794:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ap, p); data/sylpheed-3.7.0/libsylph/utils.h:146:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(__tmp, str); \ data/sylpheed-3.7.0/src/action.c:782:4: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp("/bin/sh", cmdline); data/sylpheed-3.7.0/src/addrbook.c:1656:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buf, book->path ); data/sylpheed-3.7.0/src/addrbook.c:1666:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( buf, ADDRBOOK_PREFIX ); data/sylpheed-3.7.0/src/addrbook.c:1684:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( buf, adbookdir ); data/sylpheed-3.7.0/src/addrbook.c:1685:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( buf, dir_name ); data/sylpheed-3.7.0/src/addrbook.c:1733:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( fmt, "%%s%%0%dd%%s", FILE_NUMDIGITS ); data/sylpheed-3.7.0/src/addrbook.c:1734:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf( buf, fmt, ADDRBOOK_PREFIX, n, ADDRBOOK_SUFFIX ); data/sylpheed-3.7.0/src/addrindex.c:828:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( name, "%s%d", ATTAG_JPILOT_CUSTOM, ind ); data/sylpheed-3.7.0/src/headerview.c:390:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xpm[line++], xface_header); data/sylpheed-3.7.0/src/headerview.c:391:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xpm[line++], xface_black); data/sylpheed-3.7.0/src/headerview.c:392:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xpm[line++], xface_white); data/sylpheed-3.7.0/src/headerview.c:415:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, bit_pattern[n]); data/sylpheed-3.7.0/src/headerview.c:422:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xpm[line++], buf); data/sylpheed-3.7.0/src/jpilot.c:1112:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( bufEMail, labelEntry ); data/sylpheed-3.7.0/src/jpilot.c:1140:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( bufEMail, labelEntry ); data/sylpheed-3.7.0/src/jpilot.c:1638:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( str, homedir ); data/sylpheed-3.7.0/src/jpilot.c:1646:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( str, JPILOT_DBHOME_DIR ); data/sylpheed-3.7.0/src/jpilot.c:1647:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( str, G_DIR_SEPARATOR_S ); data/sylpheed-3.7.0/src/jpilot.c:1648:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat( str, JPILOT_DBHOME_FILE ); data/sylpheed-3.7.0/src/mgutils.c:106:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( start, str ); data/sylpheed-3.7.0/src/prefs_actions.c:509:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(action, entry_text); data/sylpheed-3.7.0/src/prefs_common_dialog.c:3443:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(new_format, format); data/sylpheed-3.7.0/src/prefs_common_dialog.c:3444:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(new_format, &old_format[cur_pos]); data/sylpheed-3.7.0/src/quote_fmt_parse.c:210:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer + bufsize, s); data/sylpheed-3.7.0/src/quote_fmt_parse.c:854:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define YYFPRINTF fprintf data/sylpheed-3.7.0/src/quote_fmt_parse.c:1624:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(str, msginfo->fromname); data/sylpheed-3.7.0/src/setup.c:1256:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = system(cpcmdline); data/sylpheed-3.7.0/src/vcard.c:656:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( str, homedir ); data/sylpheed-3.7.0/src/vcard.c:664:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( str, GNOMECARD_DIR ); data/sylpheed-3.7.0/src/vcard.c:665:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( str, G_DIR_SEPARATOR_S ); data/sylpheed-3.7.0/src/vcard.c:666:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( str, GNOMECARD_FILE ); data/sylpheed-3.7.0/libsylph/utils.c:2252:14: [3] (buffer) g_get_home_dir: This function is synonymous with 'getenv("HOME")';it returns untrustable input if the environment can beset by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. home_dir = g_get_home_dir(); data/sylpheed-3.7.0/libsylph/utils.c:2259:9: [3] (buffer) g_get_home_dir: This function is synonymous with 'getenv("HOME")';it returns untrustable input if the environment can beset by an attacker. 
It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return g_get_home_dir(); data/sylpheed-3.7.0/libsylph/utils.c:3706:21: [3] (random) g_random_int_range: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. buf_uniq[i] = tbl[g_random_int_range(0, sizeof(tbl) - 1)]; data/sylpheed-3.7.0/src/compose.c:5282:6: [3] (random) g_random_int: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. g_random_int(), addr_left); data/sylpheed-3.7.0/src/main.c:1509:9: [3] (buffer) g_get_tmp_dir: This function is synonymous with 'getenv("TMP")';it returns untrustable input if the environment can beset by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. g_get_tmp_dir(), G_DIR_SEPARATOR, data/sylpheed-3.7.0/src/send_message.c:255:37: [3] (random) g_random_int: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. get_rc_dir(), G_DIR_SEPARATOR, g_random_int()); data/sylpheed-3.7.0/src/update_check.c:150:21: [3] (buffer) g_get_tmp_dir: This function is synonymous with 'getenv("TMP")';it returns untrustable input if the environment can beset by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
dest = g_strconcat(g_get_tmp_dir(), G_DIR_SEPARATOR_S, "sylpheed-update-manager.exe", NULL); data/sylpheed-3.7.0/src/update_check.c:574:35: [3] (buffer) g_get_tmp_dir: This function is synonymous with 'getenv("TMP")';it returns untrustable input if the environment can beset by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. plugin_updater_ini = g_strconcat(g_get_tmp_dir(), G_DIR_SEPARATOR_S, "sylpheed-plugin-updater.ini", NULL); data/sylpheed-3.7.0/libsylph/account.c:237:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp_ac = account_find_from_id(atoi(str)); data/sylpheed-3.7.0/libsylph/base64.c:156:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(decoder->buf, buf, sizeof(buf)); data/sylpheed-3.7.0/libsylph/filter.c:1494:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cond->int_value = atoi(value); data/sylpheed-3.7.0/libsylph/filter.c:1526:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
  action->int_value = atoi(str);
data/sylpheed-3.7.0/libsylph/folder.c:1639:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  new = atoi(attr->value);
data/sylpheed-3.7.0/libsylph/folder.c:1641:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unread = atoi(attr->value);
data/sylpheed-3.7.0/libsylph/folder.c:1643:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  total = atoi(attr->value);
data/sylpheed-3.7.0/libsylph/folder.c:1706:35: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  account = account_find_from_id(atoi(attr->value));
data/sylpheed-3.7.0/libsylph/folder.c:1817:35: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  account = account_find_from_id(atoi(attr->value));
data/sylpheed-3.7.0/libsylph/html.c:662:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ch = atoi(symbol_name + 2);
data/sylpheed-3.7.0/libsylph/html.c:764:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ch = atoi(symbol_name + 2);
data/sylpheed-3.7.0/libsylph/html.c:774:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(up, buf, len);
data/sylpheed-3.7.0/libsylph/imap.c:2847:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(seq_set, "1:*");
data/sylpheed-3.7.0/libsylph/imap.c:3221:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  len = atoi(buf);
data/sylpheed-3.7.0/libsylph/imap.c:3244:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, cur_pos, MIN(len, dest_len - 1));
data/sylpheed-3.7.0/libsylph/imap.c:3281:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  len = atoi(buf);
data/sylpheed-3.7.0/libsylph/imap.c:3424:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  msgnum = atoi(buf);
data/sylpheed-3.7.0/libsylph/imap.c:4242:13: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  size_num = atol(size_str);
data/sylpheed-3.7.0/libsylph/imap.c:4311:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(date_time + 3, monthstr + lt->tm_mon * 3, 3);
data/sylpheed-3.7.0/libsylph/imap.c:4519:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  len = atoi(obuf);
data/sylpheed-3.7.0/libsylph/imap.c:4673:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, MIN(tmp - src, len - 1));
data/sylpheed-3.7.0/libsylph/mbox.c:387:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lockfd = open(base, O_RDWR)) < 0) {
data/sylpheed-3.7.0/libsylph/md5.c:426:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (md52->digest, md5->digest, sizeof(md5->digest));
data/sylpheed-3.7.0/libsylph/md5_hmac.c:59:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(k_ipad, s_gnet_md5_get_digest(tmd5),
data/sylpheed-3.7.0/libsylph/md5_hmac.c:61:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(k_opad, s_gnet_md5_get_digest(tmd5),
data/sylpheed-3.7.0/libsylph/md5_hmac.c:65:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(k_ipad, key, key_len);
data/sylpheed-3.7.0/libsylph/md5_hmac.c:66:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(k_opad, key, key_len);
data/sylpheed-3.7.0/libsylph/md5_hmac.c:95:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(digest, s_gnet_md5_get_digest(md5), S_GNET_MD5_HASH_LENGTH);
data/sylpheed-3.7.0/libsylph/md5_hmac.c:119:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(digest, s_gnet_md5_get_digest(md5), S_GNET_MD5_HASH_LENGTH);
data/sylpheed-3.7.0/libsylph/mh.c:1596:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  msginfo->msgnum = atoi(file);
data/sylpheed-3.7.0/libsylph/news.c:990:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num = atoi(xover_str);
data/sylpheed-3.7.0/libsylph/news.c:991:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  size_int = atoi(size);
data/sylpheed-3.7.0/libsylph/news.c:992:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  line_int = atoi(line);
data/sylpheed-3.7.0/libsylph/news.c:1035:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num = atoi(xhdr_str);
data/sylpheed-3.7.0/libsylph/nntp.c:401:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, "\r\n");
data/sylpheed-3.7.0/libsylph/pop.c:262:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, p, buf_len);
data/sylpheed-3.7.0/libsylph/pop.c:314:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, p, buf_len);
data/sylpheed-3.7.0/libsylph/prefs.c:187:34: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *((gint *)param->data) = (gint)atoi(value);
data/sylpheed-3.7.0/libsylph/prefs.c:194:44: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *((DummyEnum *)param->data) = (DummyEnum)atoi(value);
data/sylpheed-3.7.0/libsylph/prefs.c:197:40: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *((gushort *)param->data) = (gushort)atoi(value);
data/sylpheed-3.7.0/libsylph/prefs.c:537:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  (gint)atoi(param[i].defval);
data/sylpheed-3.7.0/libsylph/prefs.c:547:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(param[i].defval) ? TRUE : FALSE;
data/sylpheed-3.7.0/libsylph/prefs.c:554:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  (DummyEnum)atoi(param[i].defval);
data/sylpheed-3.7.0/libsylph/prefs.c:561:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  (gushort)atoi(param[i].defval);
data/sylpheed-3.7.0/libsylph/prefs_account.c:222:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
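atoi on values read from configuration files, folder lists, mail headers and server responses is by far the most repeated finding in this report, and the prefs.c hits above show the two destination types involved: gint and gushort, each reached through a cast that discards any out-of-range part of the number. The block below is an added example, not Sylpheed code, of the check Flawfinder's message asks for: parse with strtol, require the whole string to be consumed, detect overflow of long itself, and then enforce the caller's own minimum and maximum. The INT_MIN..INT_MAX and 0..USHRT_MAX ranges are this example's assumptions for the gint and gushort cases.

```c
/* Added example (not Sylpheed code): range-checked replacement for atoi().
 * The ranges used by the typed wrappers are this example's assumptions. */
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Parse s as a decimal integer. Succeeds only if the whole string is an
 * optionally signed run of digits, strtol() did not overflow, and
 * min <= value <= max. atoi() cannot report any of these three failures. */
bool parse_long_in_range(const char *s, long min, long max, long *out)
{
    char *end;
    long v;

    if (s == NULL || *s == '\0')
        return false;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE)            /* magnitude exceeds long: "99999999999999999999" */
        return false;
    if (end == s || *end != '\0')   /* no digits at all, or trailing junk: "12abc" */
        return false;
    if (v < min || v > max)         /* fits in long but not in the caller's range */
        return false;
    *out = v;
    return true;
}

/* Value in [min, max], or fallback when parsing fails. Choose a fallback
 * the caller can tell apart from every legal value. */
long parse_long_or(const char *s, long min, long max, long fallback)
{
    long v;
    return parse_long_in_range(s, min, max, &v) ? v : fallback;
}

/* gint destination: atoi() on an overflowing string is undefined (in
 * practice truncated), so the range is checked before narrowing. */
long parse_gint_or(const char *s, long fallback)
{
    return parse_long_or(s, INT_MIN, INT_MAX, fallback);
}

/* gushort destination: (gushort)atoi(value) would map "-1" to 65535 and
 * "65536" to 0; both are rejected here. -1 is never a valid gushort, so it
 * serves as the sentinel. */
int parse_gushort_or_neg1(const char *s)
{
    return (int)parse_long_or(s, 0, USHRT_MAX, -1);
}

int main(void)
{
    /* Constructed inputs of the kind a prefs file or server line could carry. */
    const char *samples[] = { "65535", "65536", "-1", "12abc", "" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-8s atoi=%d checked=%d\n", samples[i], atoi(samples[i]),
               parse_gushort_or_neg1(samples[i]));
    return 0;
}
```

For a value such as an account id or a port, the range passed to parse_long_or() should be the application's real bound (for a port, 1..65535), not merely the width of the destination type; the type wrappers only remove the silent truncation that the casts in prefs.c and prefs_ui.c otherwise permit.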
  id = atoi(p);
data/sylpheed-3.7.0/libsylph/procheader.c:910:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dmonth = atoi(month);
data/sylpheed-3.7.0/libsylph/procmime.c:581:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  count = atoi(next);
data/sylpheed-3.7.0/libsylph/procmime.c:806:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  t = atoi(param->value);
data/sylpheed-3.7.0/libsylph/procmime.c:810:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(param->value);
data/sylpheed-3.7.0/libsylph/procmime.c:1103:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prev_empty_line, "\r\n");
data/sylpheed-3.7.0/libsylph/session.c:770:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, session->read_buf_p, line_len);
data/sylpheed-3.7.0/libsylph/smtp.c:347:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outbuf, "AUTH PLAIN ");
data/sylpheed-3.7.0/libsylph/socket.c:880:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inp, &inaddr, sizeof(inaddr));
data/sylpheed-3.7.0/libsylph/socket.c:922:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ad.sin_addr, hp->h_addr, hp->h_length);
data/sylpheed-3.7.0/libsylph/socket.c:1006:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  port = atoi(service);
data/sylpheed-3.7.0/libsylph/socket.c:1026:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
data/sylpheed-3.7.0/libsylph/socket.c:1031:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(paddr, &addr, sizeof(struct sockaddr_in));
data/sylpheed-3.7.0/libsylph/socket.c:1594:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ad.sin_addr, *addr_list_p, hp->h_length);
data/sylpheed-3.7.0/libsylph/socket.c:2036:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(str + cur_offset, buf, len + 1);
data/sylpheed-3.7.0/libsylph/socket.c:2062:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(str + cur_offset, buf, len + 1);
data/sylpheed-3.7.0/libsylph/socks.c:109:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(socks_req + 4, (guchar *)hp->h_addr, 4);
data/sylpheed-3.7.0/libsylph/socks.c:194:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(socks_req + 2, proxy_name, userlen);
data/sylpheed-3.7.0/libsylph/socks.c:197:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(socks_req + 2 + userlen + 1, proxy_pass, passlen);
data/sylpheed-3.7.0/libsylph/socks.c:223:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(socks_req + 5, hostname, len);
data/sylpheed-3.7.0/libsylph/unmime.c:95:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(charset, eword_begin_p + 2, len);
data/sylpheed-3.7.0/libsylph/utils.c:318:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi(nstr);
data/sylpheed-3.7.0/libsylph/utils.c:2231:3: [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t path[MAX_PATH + 1];
data/sylpheed-3.7.0/libsylph/utils.c:3884:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fname, tmpdir, tmplen);
data/sylpheed-3.7.0/libsylph/utils.c:3886:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fname + tmplen + 1, progname, proglen);
data/sylpheed-3.7.0/libsylph/utils.c:3887:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fname + tmplen + 1 + proglen, suffix, sizeof(suffix));
data/sylpheed-3.7.0/libsylph/utils.c:3892:10: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  return tmpfile();
data/sylpheed-3.7.0/libsylph/utils.h:44:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define g_open open
data/sylpheed-3.7.0/libsylph/utils.h:52:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define g_fopen fopen
data/sylpheed-3.7.0/libsylph/utils.h:177:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(__tmp, str1, len1); \
data/sylpheed-3.7.0/libsylph/utils.h:178:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(__tmp + len1, str2, len2 + 1); \
data/sylpheed-3.7.0/libsylph/uuencode.c:25:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char uudigit[64] =
data/sylpheed-3.7.0/src/addrindex.c:864:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gint ivalue = atoi( value );
data/sylpheed-3.7.0/src/addrindex.c:908:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( value, "%d", server->port );
data/sylpheed-3.7.0/src/addrindex.c:916:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( value, "%d", server->maxEntries );
data/sylpheed-3.7.0/src/addrindex.c:918:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( value, "%d", server->timeOut );
data/sylpheed-3.7.0/src/editldap_basedn.c:266:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( sPort, "%d", iPort );
data/sylpheed-3.7.0/src/eggtrayicon.c:437:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];
data/sylpheed-3.7.0/src/eggtrayicon.c:545:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&ev.data, message, 20);
data/sylpheed-3.7.0/src/eggtrayicon.c:551:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&ev.data, message, len);
data/sylpheed-3.7.0/src/filesel.c:545:2: [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t wtarget[MAX_PATH];
data/sylpheed-3.7.0/src/jpilot.c:73:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char db_name[32];
data/sylpheed-3.7.0/src/jpilot.c:74:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char flags[2];
data/sylpheed-3.7.0/src/jpilot.c:75:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char version[2];
data/sylpheed-3.7.0/src/jpilot.c:76:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char creation_time[4];
data/sylpheed-3.7.0/src/jpilot.c:77:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char modification_time[4];
data/sylpheed-3.7.0/src/jpilot.c:78:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char backup_time[4];
data/sylpheed-3.7.0/src/jpilot.c:79:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char modification_number[4];
data/sylpheed-3.7.0/src/jpilot.c:80:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char app_info_offset[4];
data/sylpheed-3.7.0/src/jpilot.c:81:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sort_info_offset[4];
data/sylpheed-3.7.0/src/jpilot.c:82:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char type[4];/*Database ID */
data/sylpheed-3.7.0/src/jpilot.c:83:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char creator_id[4];/*Application ID */
data/sylpheed-3.7.0/src/jpilot.c:84:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char unique_id_seed[4];
data/sylpheed-3.7.0/src/jpilot.c:85:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char next_record_list_id[4];
data/sylpheed-3.7.0/src/jpilot.c:86:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char number_of_records[2];
data/sylpheed-3.7.0/src/jpilot.c:91:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char db_name[32];
data/sylpheed-3.7.0/src/jpilot.c:100:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[5];/*Database ID */
data/sylpheed-3.7.0/src/jpilot.c:101:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char creator_id[5];/*Application ID */
data/sylpheed-3.7.0/src/jpilot.c:102:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unique_id_seed[5];
data/sylpheed-3.7.0/src/jpilot.c:109:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char Offset[4]; /*4 bytes offset from BOF to record */
data/sylpheed-3.7.0/src/jpilot.c:111:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char unique_ID[3];
data/sylpheed-3.7.0/src/jpilot.c:735:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(header->attrib), p, sizeof(unsigned char));
data/sylpheed-3.7.0/src/jpilot.c:744:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char packed_header[256];
data/sylpheed-3.7.0/src/jpilot.c:754:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(packed_header, &l, sizeof(l));
data/sylpheed-3.7.0/src/jpilot.c:1039:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RecordBuffer->data, buf->buf, buf->size);

data/sylpheed-3.7.0/src/jpilot.c:1490:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( name, "? %d", i );

data/sylpheed-3.7.0/src/main.c:653:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cmd.ipcport = atoi(argv[i + 1]);

data/sylpheed-3.7.0/src/prefs_actions.c:489:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(action, ": ");

data/sylpheed-3.7.0/src/prefs_ui.c:202:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int_data = atoi(tmpparam.defval);

data/sylpheed-3.7.0/src/prefs_ui.c:209:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ushort_data = atoi(tmpparam.defval);

data/sylpheed-3.7.0/src/prefs_ui.c:219:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bool_data = atoi(tmpparam.defval)

data/sylpheed-3.7.0/src/prefs_ui.c:227:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  enum_data = (DummyEnum)atoi(tmpparam.defval);

data/sylpheed-3.7.0/src/prefs_ui.c:260:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *((gushort *)pparam->data) = atoi(entry_str);

data/sylpheed-3.7.0/src/prefs_ui.c:263:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *((gint *)pparam->data) = atoi(entry_str);

data/sylpheed-3.7.0/src/quote_fmt_parse.c:1151:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];

data/sylpheed-3.7.0/src/quote_fmt_parse.c:1168:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char yyformat[sizeof yyunexpected

data/sylpheed-3.7.0/src/quote_fmt_parse.c:1336:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char yymsgbuf[128];

data/sylpheed-3.7.0/src/select-keys.c:160:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *text[N_COL_TITLES];

data/sylpheed-3.7.0/src/select-keys.c:278:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *titles[N_COL_TITLES];

data/sylpheed-3.7.0/src/send_message.c:182:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  qinfo->ac = account_find_from_id(atoi(p));

data/sylpheed-3.7.0/src/setup.c:1037:2: [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t name[1024];

data/sylpheed-3.7.0/src/simple-gettext.c:149:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( filename, "rb" );

data/sylpheed-3.7.0/src/simple-gettext.c:257:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(stpcpy(stpcpy(stpcpy( buf, dir),"\\"), filename),".mo");

data/sylpheed-3.7.0/src/syldap.c:500:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *attribs[10];

data/sylpheed-3.7.0/src/syldap.c:853:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ch = ( char * ) strchr( vals[i], ':' );

data/sylpheed-3.7.0/src/syldap.c:984:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ch = ( char * ) strchr( vals[i], ':' );

data/sylpheed-3.7.0/src/template.c:149:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmplid = atoi(dir_name);

data/sylpheed-3.7.0/src/update_check.c:123:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *major = atoi(vers[0]);

data/sylpheed-3.7.0/src/update_check.c:125:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *minor = atoi(vers[1]);

data/sylpheed-3.7.0/src/update_check.c:127:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *micro = atoi(vers[2]);

data/sylpheed-3.7.0/libsylph/account.c:68:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(buf, buf + 1, strlen(buf));

data/sylpheed-3.7.0/libsylph/account.c:69:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[strlen(buf) - 1] = '\0';

data/sylpheed-3.7.0/libsylph/account.c:231:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = buf + strlen(hentry[hnum].name);

data/sylpheed-3.7.0/libsylph/codeconv.c:194:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outbuf = g_malloc(strlen(inbuf) * 2 + 1);

data/sylpheed-3.7.0/libsylph/codeconv.c:279:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outbuf = g_malloc(strlen(inbuf) * 2 + 1);

data/sylpheed-3.7.0/libsylph/codeconv.c:459:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outbuf = g_malloc(strlen(inbuf) * 3 + 4);

data/sylpheed-3.7.0/libsylph/codeconv.c:596:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outbuf = g_malloc(strlen(inbuf) * 5 + 4);

data/sylpheed-3.7.0/libsylph/codeconv.c:694:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outbuf = g_malloc(strlen(inbuf) * 2 + 1);

data/sylpheed-3.7.0/libsylph/codeconv.c:1068:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, p + 1, strlen(p));

data/sylpheed-3.7.0/libsylph/codeconv.c:1111:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, p + 1, strlen(p));

data/sylpheed-3.7.0/libsylph/codeconv.c:1125:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, p + 1, strlen(p));

data/sylpheed-3.7.0/libsylph/codeconv.c:1158:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(str);

data/sylpheed-3.7.0/libsylph/codeconv.c:1550:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  in_size = strlen(inbuf);

data/sylpheed-3.7.0/libsylph/codeconv.c:1994:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(locale_table[i].locale))) {

data/sylpheed-3.7.0/libsylph/codeconv.c:2000:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(cur_locale) == 2 &&

data/sylpheed-3.7.0/libsylph/codeconv.c:2085:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(locale_table[i].locale))) {

data/sylpheed-3.7.0/libsylph/codeconv.c:2090:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(cur_locale) == 2 &&

data/sylpheed-3.7.0/libsylph/codeconv.c:2294:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mimestr_len = strlen(MIMESEP_BEGIN) + strlen(mimesep_enc) +

data/sylpheed-3.7.0/libsylph/codeconv.c:2294:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mimestr_len = strlen(MIMESEP_BEGIN) + strlen(mimesep_enc) +

data/sylpheed-3.7.0/libsylph/codeconv.c:2295:3: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(MIMESEP_END);

data/sylpheed-3.7.0/libsylph/codeconv.c:2372:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  out_str_len = strlen(out_str);

data/sylpheed-3.7.0/libsylph/codeconv.c:2384:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (mimestr_len + strlen(block_encoding) + out_enc_str_len <= left) {

data/sylpheed-3.7.0/libsylph/codeconv.c:2411:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  out_str_len = strlen(out_str);

data/sylpheed-3.7.0/libsylph/codeconv.c:2430:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(block_encoding) +

data/sylpheed-3.7.0/libsylph/codeconv.c:2431:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(enc_str);

data/sylpheed-3.7.0/libsylph/codeconv.c:2476:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outp = out = g_malloc(strlen(str) * 3 + 1);

data/sylpheed-3.7.0/libsylph/codeconv.c:2512:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_len = strlen(param_name);

data/sylpheed-3.7.0/libsylph/codeconv.c:2526:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(enc_str) <= max_linelen) {

data/sylpheed-3.7.0/libsylph/filter.c:346:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ret = onig_new(&reg, ptn, ptn + strlen(needle),

data/sylpheed-3.7.0/libsylph/filter.c:357:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  haystack_len = strlen(haystack);

data/sylpheed-3.7.0/libsylph/filter.c:1663:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  oldpathlen = strlen(old_path);

data/sylpheed-3.7.0/libsylph/filter.c:1699:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pathlen = strlen(path);

data/sylpheed-3.7.0/libsylph/html.c:738:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  up = unescape_str = g_malloc(strlen(str) + 1);

data/sylpheed-3.7.0/libsylph/html.c:753:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gint len = strlen(val);

data/sylpheed-3.7.0/libsylph/imap.c:74:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(str) * 2 + 3; \

data/sylpheed-3.7.0/libsylph/imap.c:2143:8: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (sscanf(buf, "%*d %16s", buf) < 1 ||

data/sylpheed-3.7.0/libsylph/imap.c:2217:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  root_path_len = strlen(root_path);

data/sylpheed-3.7.0/libsylph/imap.c:2304:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(item->path);

data/sylpheed-3.7.0/libsylph/imap.c:3130:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(tmp_path, name, strlen(name)) == 0)

data/sylpheed-3.7.0/libsylph/imap.c:3272:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);

data/sylpheed-3.7.0/libsylph/imap.c:3818:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  capability += strlen("CAPABILITY ");

data/sylpheed-3.7.0/libsylph/imap.c:3840:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = response = g_malloc(strlen(user) * 2 + 2 + strlen(pass) + 1);

data/sylpheed-3.7.0/libsylph/imap.c:3840:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = response = g_malloc(strlen(user) * 2 + 2 + strlen(pass) + 1);

data/sylpheed-3.7.0/libsylph/imap.c:3842:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(user) + 1;

data/sylpheed-3.7.0/libsylph/imap.c:3844:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(user) + 1;

data/sylpheed-3.7.0/libsylph/imap.c:3846:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(pass);

data/sylpheed-3.7.0/libsylph/imap.c:3872:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  challenge = g_malloc(strlen(challenge64 + 2) + 1);

data/sylpheed-3.7.0/libsylph/imap.c:3878:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (guchar *)pass, strlen(pass));

data/sylpheed-3.7.0/libsylph/imap.c:3883:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  response64 = g_malloc((strlen(response) + 3) * 2 + 1);

data/sylpheed-3.7.0/libsylph/imap.c:3884:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  base64_encode(response64, (guchar *)response, strlen(response));

data/sylpheed-3.7.0/libsylph/imap.c:4260:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[0] == '\0' || buf[strlen(buf) - 1] != ')') {

data/sylpheed-3.7.0/libsylph/imap.c:4619:46: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sock_write_all(SESSION(session)->sock, buf, strlen(buf));

data/sylpheed-3.7.0/libsylph/imap.c:4723:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(str);

data/sylpheed-3.7.0/libsylph/imap.c:4809:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  to_len = strlen(mutf7_str) * 5;

data/sylpheed-3.7.0/libsylph/imap.c:4855:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  from_len = strlen(from);

data/sylpheed-3.7.0/libsylph/imap.c:5077:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  oldpathlen = strlen(oldpath);

data/sylpheed-3.7.0/libsylph/mbox.c:195:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_memmove(buf, buf + 1, strlen(buf));

data/sylpheed-3.7.0/libsylph/md5.c:361:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_return_val_if_fail (strlen(str) >= (S_GNET_MD5_HASH_LENGTH * 2), NULL);

data/sylpheed-3.7.0/libsylph/mh.c:1882:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  oldpathlen = strlen(oldpath);

data/sylpheed-3.7.0/libsylph/nntp.c:322:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sock_write_all(SESSION(session)->sock, msg, strlen(msg)) < 0) {

data/sylpheed-3.7.0/libsylph/nntp.c:364:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) < 3)

data/sylpheed-3.7.0/libsylph/nntp.c:402:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sock_write_all(sock, buf, strlen(buf)) < 0) {

data/sylpheed-3.7.0/libsylph/pop.c:177:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  md5 = s_gnet_md5_new((guchar *)apop_str, strlen(apop_str));

data/sylpheed-3.7.0/libsylph/pop.c:585:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);

data/sylpheed-3.7.0/libsylph/prefs.c:113:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (conv_str, block_label, strlen(block_label));

data/sylpheed-3.7.0/libsylph/prefs.c:116:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  val = strncmp(buf, block_label, strlen(block_label));

data/sylpheed-3.7.0/libsylph/prefs.c:250:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  val = strncmp(buf, block_label, strlen(block_label));

data/sylpheed-3.7.0/libsylph/prefs_common.c:617:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(old_path);

data/sylpheed-3.7.0/libsylph/procheader.c:61:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(hp->name)))

data/sylpheed-3.7.0/libsylph/procheader.c:73:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar *bufp = buf + strlen(buf);

data/sylpheed-3.7.0/libsylph/procheader.c:81:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nexthead = fgetc(fp);

data/sylpheed-3.7.0/libsylph/procheader.c:105:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufp += strlen(bufp);

data/sylpheed-3.7.0/libsylph/procheader.c:123:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nexthead = fgetc(fp);

data/sylpheed-3.7.0/libsylph/procheader.c:125:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t buflen = strlen(buf);

data/sylpheed-3.7.0/libsylph/procheader.c:159:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufp = buf + strlen(buf);

data/sylpheed-3.7.0/libsylph/procheader.c:167:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nexthead = fgetc(fp);

data/sylpheed-3.7.0/libsylph/procheader.c:191:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufp += strlen(bufp);

data/sylpheed-3.7.0/libsylph/procheader.c:505:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf + strlen(hp->name);

data/sylpheed-3.7.0/libsylph/procheader.c:629:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hp = buf + strlen(hentry[hnum].name);

data/sylpheed-3.7.0/libsylph/procheader.c:840:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%10s %d %9s %d %2d:%2d:%2d %5s",

data/sylpheed-3.7.0/libsylph/procheader.c:844:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%3s,%d %9s %d %2d:%2d:%2d %5s",

data/sylpheed-3.7.0/libsylph/procheader.c:848:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%3s,%d %9s %d %2d.%2d.%2d %5s",

data/sylpheed-3.7.0/libsylph/procheader.c:852:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%3s %d, %9s %d %2d:%2d:%2d %5s",

data/sylpheed-3.7.0/libsylph/procheader.c:856:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%d %9s %d %2d:%2d:%2d %5s",

data/sylpheed-3.7.0/libsylph/procheader.c:860:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%d-%2s-%2d %2d:%2d:%2d",

data/sylpheed-3.7.0/libsylph/procheader.c:865:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%10s %d %9s %d %2d:%2d %5s",

data/sylpheed-3.7.0/libsylph/procheader.c:869:11: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  result = sscanf(str, "%d %9s %d %2d:%2d %5s",

data/sylpheed-3.7.0/libsylph/procmime.c:264:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  boundary_len = strlen(boundary);

data/sylpheed-3.7.0/libsylph/procmime.c:275:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  boundary_len = strlen(boundary);

data/sylpheed-3.7.0/libsylph/procmime.c:366:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);

data/sylpheed-3.7.0/libsylph/procmime.c:379:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fpos - partinfo->sub->fpos - strlen(buf);

data/sylpheed-3.7.0/libsylph/procmime.c:654:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dec_value = g_malloc(strlen(begin) + 1);

data/sylpheed-3.7.0/libsylph/procmime.c:680:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dec_value = g_malloc(strlen(begin) + 1);

data/sylpheed-3.7.0/libsylph/procmime.c:879:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (mimeinfo, buf + strlen(hp->name));

data/sylpheed-3.7.0/libsylph/procmime.c:882:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (mimeinfo, buf + strlen(hp->name));

data/sylpheed-3.7.0/libsylph/procmime.c:885:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (mimeinfo, buf + strlen(hp->name));

data/sylpheed-3.7.0/libsylph/procmime.c:914:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);

data/sylpheed-3.7.0/libsylph/procmime.c:959:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  boundary_len = strlen(boundary);

data/sylpheed-3.7.0/libsylph/procmime.c:1087:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);

data/sylpheed-3.7.0/libsylph/procmime.c:1111:6: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
Risk is low because the source is a constant character. strcpy(prev_empty_line, "\n"); data/sylpheed-3.7.0/libsylph/procmime.c:1915:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). total_len = strlen(str); data/sylpheed-3.7.0/libsylph/procmsg.c:1722:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (buf[strlen(buf) - 1] != '&') data/sylpheed-3.7.0/libsylph/procmsg.c:1723:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, "&"); data/sylpheed-3.7.0/libsylph/procmsg.c:1998:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). procmime_scan_content_type_partial(buf + strlen(hentry[0].name), data/sylpheed-3.7.0/libsylph/procmsg.h:159:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(data); \ data/sylpheed-3.7.0/libsylph/recv.c:145:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/sylpheed-3.7.0/libsylph/session.c:538:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
session->write_buf_len = strlen(msg) + 2; data/sylpheed-3.7.0/libsylph/session.c:856:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). terminator_len = strlen(session->read_data_terminator); data/sylpheed-3.7.0/libsylph/session.c:974:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). terminator_len = strlen(session->read_data_terminator); data/sylpheed-3.7.0/libsylph/smtp.c:174:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(session->user)); data/sylpheed-3.7.0/libsylph/smtp.c:196:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). challenge = g_malloc(strlen(msg + 4) + 1); data/sylpheed-3.7.0/libsylph/smtp.c:203:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (guchar *)buf, strlen(buf)); data/sylpheed-3.7.0/libsylph/smtp.c:210:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). response64 = g_malloc((strlen(response) + 3) * 2 + 1); data/sylpheed-3.7.0/libsylph/smtp.c:212:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlen(response)); data/sylpheed-3.7.0/libsylph/smtp.c:245:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(session->pass)); data/sylpheed-3.7.0/libsylph/smtp.c:335:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). authlen = 1 + strlen(session->user) + 1 + strlen(session->pass); data/sylpheed-3.7.0/libsylph/smtp.c:335:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). authlen = 1 + strlen(session->user) + 1 + strlen(session->pass); data/sylpheed-3.7.0/libsylph/smtp.c:342:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p) + 1; data/sylpheed-3.7.0/libsylph/smtp.c:348:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = outbuf + strlen(outbuf); data/sylpheed-3.7.0/libsylph/smtp.c:465:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(msg) < 4) { data/sylpheed-3.7.0/libsylph/socket.c:312:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1); data/sylpheed-3.7.0/libsylph/socket.c:348:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1); data/sylpheed-3.7.0/libsylph/socket.c:1768:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return sock_write_all(sock, buf, strlen(buf)); data/sylpheed-3.7.0/libsylph/socket.c:1805:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read(fd, buf, len); data/sylpheed-3.7.0/libsylph/socket.c:2093:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ret = sock_write_all(sock, buf, strlen(buf))) < 0) data/sylpheed-3.7.0/libsylph/socks.c:156:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(hostname); data/sylpheed-3.7.0/libsylph/socks.c:186:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). userlen = strlen(proxy_name); data/sylpheed-3.7.0/libsylph/socks.c:187:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). passlen = strlen(proxy_pass); data/sylpheed-3.7.0/libsylph/ssl_hostname_validation.c:194:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (ASN1_STRING_length(common_name_asn1) != strlen(common_name_str)) { data/sylpheed-3.7.0/libsylph/ssl_hostname_validation.c:235:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (ASN1_STRING_length(current_name->d.dNSName) != strlen(dns_name)) { data/sylpheed-3.7.0/libsylph/stringtable.c:152:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *totals += strlen(key) * (entry->ref_count - 1); data/sylpheed-3.7.0/libsylph/unmime.c:49:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outbuf = g_string_sized_new(strlen(encoded_str) * 2); data/sylpheed-3.7.0/libsylph/utils.c:402:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len1 = strlen(s1); data/sylpheed-3.7.0/libsylph/utils.c:403:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len2 = strlen(s2); data/sylpheed-3.7.0/libsylph/utils.c:431:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen(parent); data/sylpheed-3.7.0/libsylph/utils.c:456:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (s = str + strlen(str) - 1; data/sylpheed-3.7.0/libsylph/utils.c:472:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (s = str + strlen(str) - 1; s >= str && *s == tail_char; s--) data/sylpheed-3.7.0/libsylph/utils.c:485:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = str + strlen(str) - 1; data/sylpheed-3.7.0/libsylph/utils.c:499:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). haystack_len = strlen(haystack); data/sylpheed-3.7.0/libsylph/utils.c:500:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). needle_len = strlen(needle); data/sylpheed-3.7.0/libsylph/utils.c:564:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/sylpheed-3.7.0/libsylph/utils.c:565:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_len = strlen(suffix); data/sylpheed-3.7.0/libsylph/utils.c:675:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(str, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:688:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove(str, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:725:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:748:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:762:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp + 1, strlen(srcp)); data/sylpheed-3.7.0/libsylph/utils.c:821:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp + 1, strlen(srcp)); data/sylpheed-3.7.0/libsylph/utils.c:850:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:903:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:926:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(destp, srcp, strlen(srcp) + 1); data/sylpheed-3.7.0/libsylph/utils.c:950:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p = str + strlen(str) - 1; data/sylpheed-3.7.0/libsylph/utils.c:1235:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + 1, strlen(p)); data/sylpheed-3.7.0/libsylph/utils.c:1251:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + spc, strlen(p + spc) + 1); data/sylpheed-3.7.0/libsylph/utils.c:1269:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + spc, strlen(p + spc) + 1); data/sylpheed-3.7.0/libsylph/utils.c:1430:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(p); data/sylpheed-3.7.0/libsylph/utils.c:1445:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). haystack_len = strlen(haystack); data/sylpheed-3.7.0/libsylph/utils.c:1446:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). needle_len = strlen(needle); data/sylpheed-3.7.0/libsylph/utils.c:1482:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). haystack_len = strlen(haystack); data/sylpheed-3.7.0/libsylph/utils.c:1483:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
needle_len = strlen(needle); data/sylpheed-3.7.0/libsylph/utils.c:1569:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(new_string, str, len); data/sylpheed-3.7.0/libsylph/utils.c:1616:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). guint delimiter_len = strlen(delim); data/sylpheed-3.7.0/libsylph/utils.c:1638:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/sylpheed-3.7.0/libsylph/utils.c:1700:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/sylpheed-3.7.0/libsylph/utils.c:1784:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). last = group + strlen(group); data/sylpheed-3.7.0/libsylph/utils.c:1785:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). abbrev_group = ap = g_malloc(strlen(group) + 1); data/sylpheed-3.7.0/libsylph/utils.c:1811:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) <= len) data/sylpheed-3.7.0/libsylph/utils.c:1838:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((new_len = strlen(str)) <= len) data/sylpheed-3.7.0/libsylph/utils.c:1898:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(file, p, q - p + 1); data/sylpheed-3.7.0/libsylph/utils.c:2061:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outp = enc = g_malloc(strlen(filename) * 3 + 1); data/sylpheed-3.7.0/libsylph/utils.c:2081:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outp = enc = g_malloc(strlen(mailto) * 3 + 1); data/sylpheed-3.7.0/libsylph/utils.c:2114:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *to = g_malloc(strlen(tmp_mailto) + 1); data/sylpheed-3.7.0/libsylph/utils.c:2139:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *cc = g_malloc(strlen(value) + 1); data/sylpheed-3.7.0/libsylph/utils.c:2142:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *bcc = g_malloc(strlen(value) + 1); data/sylpheed-3.7.0/libsylph/utils.c:2146:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *subject = g_malloc(strlen(value) + 1); data/sylpheed-3.7.0/libsylph/utils.c:2150:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
*inreplyto = g_malloc(strlen(value) + 1); data/sylpheed-3.7.0/libsylph/utils.c:2154:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *body = g_malloc(strlen(value) + 1); data/sylpheed-3.7.0/libsylph/utils.c:2467:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size += strlen(buf) + 2; data/sylpheed-3.7.0/libsylph/utils.c:3017:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((n_read = read(srcfd, buf, sizeof(buf))) > 0) { data/sylpheed-3.7.0/libsylph/utils.c:3281:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/sylpheed-3.7.0/libsylph/utils.c:3369:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/sylpheed-3.7.0/libsylph/utils.c:3507:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out = outp = g_malloc(strlen(str) + 1); data/sylpheed-3.7.0/libsylph/utils.c:3527:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out = outp = g_malloc(strlen(str) + 1); data/sylpheed-3.7.0/libsylph/utils.c:3534:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(outp, p, last - p); data/sylpheed-3.7.0/libsylph/utils.c:3538:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(outp, newline - 1, 2); data/sylpheed-3.7.0/libsylph/utils.c:3546:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (last = p + strlen(p); data/sylpheed-3.7.0/libsylph/utils.c:3549:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(outp, p, last - p); data/sylpheed-3.7.0/libsylph/utils.c:3578:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). next = fgetc(fp); data/sylpheed-3.7.0/libsylph/utils.c:3640:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). next = fgetc(fp); data/sylpheed-3.7.0/libsylph/utils.c:3877:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmplen = strlen(tmpdir); data/sylpheed-3.7.0/libsylph/utils.c:3881:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). proglen = strlen(progname); data/sylpheed-3.7.0/libsylph/utils.c:3922:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/sylpheed-3.7.0/libsylph/utils.c:3953:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(str); data/sylpheed-3.7.0/libsylph/utils.c:4382:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(zone3, zone, 3); data/sylpheed-3.7.0/libsylph/utils.c:4394:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strlen(zone3) == 3) { data/sylpheed-3.7.0/libsylph/utils.c:4404:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strlen(zone3) == 1) { data/sylpheed-3.7.0/libsylph/utils.c:4528:2: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(asctime(lt), "%3s %3s %d %d:%d:%d %d\n", data/sylpheed-3.7.0/libsylph/utils.h:142:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((__tmp = alloca(strlen(str) + 1)) == NULL) { \ data/sylpheed-3.7.0/libsylph/utils.h:159:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(__tmp, str, len); \ data/sylpheed-3.7.0/libsylph/utils.h:171:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len1 = strlen(str1); \ data/sylpheed-3.7.0/libsylph/utils.h:172:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len2 = strlen(str2); \ data/sylpheed-3.7.0/libsylph/xml.c:220:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/sylpheed-3.7.0/libsylph/xml.c:226:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) == 0) { data/sylpheed-3.7.0/libsylph/xml.c:514:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(start + 1, end + 1, strlen(end + 1) + 1); data/sylpheed-3.7.0/libsylph/xml.c:529:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). estr = g_string_sized_new(strlen(str)); data/sylpheed-3.7.0/plugin/attachment_tool/attachment_tool.c:108:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). boundary_len = strlen(boundary); data/sylpheed-3.7.0/plugin/attachment_tool/attachment_tool.c:140:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). boundary_len = strlen(boundary); data/sylpheed-3.7.0/src/about.c:192:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 1; i <= strlen(HOMEPAGE_URI); i++) buf[i] = '_'; data/sylpheed-3.7.0/src/about.c:193:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf + i, " "); data/sylpheed-3.7.0/src/action.c:250:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmd = g_string_sized_new(strlen(action)); data/sylpheed-3.7.0/src/action.c:859:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(chld_in[1], msg_str, strlen(msg_str)); data/sylpheed-3.7.0/src/action.c:1199:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = read(source, &buf, 1); data/sylpheed-3.7.0/src/action.c:1234:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(input); data/sylpheed-3.7.0/src/action.c:1284:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = read(source, buf, sizeof(buf) - 1); data/sylpheed-3.7.0/src/action.c:1307:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = read(source, buf, sizeof(buf) - 1); data/sylpheed-3.7.0/src/addr_compl.c:324:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gtk_editable_insert_text(GTK_EDITABLE(entry), newtext, strlen(newtext), data/sylpheed-3.7.0/src/addrbook.c:1657:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  len = strlen( buf );

data/sylpheed-3.7.0/src/addrbook.c:1674:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lenpre = strlen( ADDRBOOK_PREFIX );

data/sylpheed-3.7.0/src/addrbook.c:1675:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lensuf = strlen( ADDRBOOK_SUFFIX );

data/sylpheed-3.7.0/src/addrbook.c:1690:6:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( numbuf, (dir_name) + lenpre, FILE_NUMDIGITS );

data/sylpheed-3.7.0/src/addressbook.c:4209:29:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*sLookup == '\0' || strlen(sLookup) < 1 )

data/sylpheed-3.7.0/src/compose.c:1601:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen((gchar *)cur->data) + 5;

data/sylpheed-3.7.0/src/compose.c:1680:15:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = buf + strlen(hentry[hnum].name);

data/sylpheed-3.7.0/src/compose.c:1904:20:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(buf, p, strlen(p) + 1);

data/sylpheed-3.7.0/src/compose.c:2115:27:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = sig_body = g_malloc(strlen(sig_text) + 1);

data/sylpheed-3.7.0/src/compose.c:2273:9:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(str);

data/sylpheed-3.7.0/src/compose.c:4130:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);

data/sylpheed-3.7.0/src/compose.c:4147:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outlen = strlen(outbuf);

data/sylpheed-3.7.0/src/compose.c:4304:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(chars);

data/sylpheed-3.7.0/src/compose.c:4352:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Return-Path:")) == 0 ||

data/sylpheed-3.7.0/src/compose.c:4354:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Delivered-To:")) == 0 ||

data/sylpheed-3.7.0/src/compose.c:4356:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Received:")) == 0 ||

data/sylpheed-3.7.0/src/compose.c:4358:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Subject:")) == 0 ||

data/sylpheed-3.7.0/src/compose.c:4360:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("X-UIDL:")) == 0)

data/sylpheed-3.7.0/src/compose.c:4367:41:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (g_ascii_strncasecmp(buf, "From:", strlen("From:")) == 0) {

data/sylpheed-3.7.0/src/compose.c:4373:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(" (by way of "),

data/sylpheed-3.7.0/src/compose.c:4804:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(header) + 2, TRUE, charset); \

data/sylpheed-3.7.0/src/compose.c:4839:5:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("From: "), TRUE, charset);

data/sylpheed-3.7.0/src/compose.c:4877:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Newsgroups: "),

data/sylpheed-3.7.0/src/compose.c:4907:13:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Subject: "), FALSE,

data/sylpheed-3.7.0/src/compose.c:4940:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Followup-To: "),

data/sylpheed-3.7.0/src/compose.c:4957:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Reply-To: "),

data/sylpheed-3.7.0/src/compose.c:4977:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Organization: "), FALSE,

data/sylpheed-3.7.0/src/compose.c:5015:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(chdr->name) + 2, FALSE,

data/sylpheed-3.7.0/src/compose.c:5095:5:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Resent-From: "), TRUE, NULL);

data/sylpheed-3.7.0/src/compose.c:5137:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Newsgroups: "),

data/sylpheed-3.7.0/src/compose.c:5155:13:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Subject: "), FALSE,

data/sylpheed-3.7.0/src/compose.c:5180:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Followup-To: "),

data/sylpheed-3.7.0/src/compose.c:5197:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen("Resent-Reply-To: "), TRUE,

data/sylpheed-3.7.0/src/compose.c:5283:43:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  md5 = s_gnet_md5_new((guchar *)hash_str, strlen(hash_str));

data/sylpheed-3.7.0/src/eggtrayicon.c:516:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (message);

data/sylpheed-3.7.0/src/exportcsv.c:280:23:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( *sFile == '\0'|| strlen( sFile ) < 1 ) {

data/sylpheed-3.7.0/src/folderview.c:1363:3:  [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(new_s, "-");

data/sylpheed-3.7.0/src/folderview.c:1364:3:  [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(unread_s, "-");

data/sylpheed-3.7.0/src/folderview.c:1365:3:  [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(total_s, "-");

data/sylpheed-3.7.0/src/gtkutils.c:817:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(text);

data/sylpheed-3.7.0/src/gtkutils.c:819:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len > strlen(text))

data/sylpheed-3.7.0/src/gtkutils.c:963:9:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(text);

data/sylpheed-3.7.0/src/headerview.c:277:25:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!msginfo->xface || strlen(msginfo->xface) < 5) {

data/sylpheed-3.7.0/src/importcsv.c:517:23:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( *sFile == '\0'|| strlen( sFile ) < 1 ) {

data/sylpheed-3.7.0/src/importcsv.c:523:23:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( *sName == '\0'|| strlen( sName ) < 1 ) {

data/sylpheed-3.7.0/src/importldif.c:317:23:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( *sFile == '\0'|| strlen( sFile ) < 1 ) {

data/sylpheed-3.7.0/src/importldif.c:323:23:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( *sName == '\0'|| strlen( sName ) < 1 ) {

data/sylpheed-3.7.0/src/jpilot.c:315:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( fileSpec );

data/sylpheed-3.7.0/src/jpilot.c:514:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dbh->db_name, (gchar *)rdbh->db_name, 31);

data/sylpheed-3.7.0/src/jpilot.c:527:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dbh->type, (gchar *)rdbh->type, 4);

data/sylpheed-3.7.0/src/jpilot.c:529:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dbh->creator_id, (gchar *)rdbh->creator_id, 4);

data/sylpheed-3.7.0/src/jpilot.c:531:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dbh->unique_id_seed, (gchar *)rdbh->unique_id_seed, 4);

data/sylpheed-3.7.0/src/jpilot.c:1585:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( lblCheck ) < 1 ) return -1;

data/sylpheed-3.7.0/src/jpilot.c:1589:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( lblName ) ) {

data/sylpheed-3.7.0/src/jpilot.c:1608:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( pilotFile->path ) < 1 ) retVal = FALSE;

data/sylpheed-3.7.0/src/jpilot.c:1614:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( pilotFile->name ) < 1 ) retVal = FALSE;

data/sylpheed-3.7.0/src/jpilot.c:1639:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str );

data/sylpheed-3.7.0/src/ldif.c:382:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iLen = strlen( firstName );

data/sylpheed-3.7.0/src/ldif.c:385:18:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( iLenT = strlen( nodeFirst->data ) ) > iLen ) {

data/sylpheed-3.7.0/src/ldif.c:637:20:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outbuf = g_malloc(strlen(buf) + 1);

data/sylpheed-3.7.0/src/main.c:1579:35:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, compose_str, strlen(compose_str));

data/sylpheed-3.7.0/src/main.c:1584:28:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, str, strlen(str));

data/sylpheed-3.7.0/src/main.c:1598:35:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, compose_str, strlen(compose_str));

data/sylpheed-3.7.0/src/main.c:1613:31:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, command, strlen(command));

data/sylpheed-3.7.0/src/main.c:1616:31:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, folder, strlen(folder));

data/sylpheed-3.7.0/src/main.c:1629:27:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, str, strlen(str));

data/sylpheed-3.7.0/src/main.c:1740:27:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mailto = g_strdup(buf + strlen("compose_attach") + 1);

data/sylpheed-3.7.0/src/main.c:1752:26:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  open_compose_new(buf + strlen("compose") + 1, NULL);

data/sylpheed-3.7.0/src/main.c:1763:30:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_write_all(sock, status, strlen(status));

data/sylpheed-3.7.0/src/main.c:1769:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) < 6 || buf[4] != ' ') {

data/sylpheed-3.7.0/src/menu.c:134:17:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  src_path_len = strlen(src_path);

data/sylpheed-3.7.0/src/menu.c:135:18:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dest_path_len = strlen(dest_path);

data/sylpheed-3.7.0/src/mgutils.c:95:14:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += 1 + strlen( str );

data/sylpheed-3.7.0/src/mgutils.c:105:9:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str );

data/sylpheed-3.7.0/src/mimeview.c:1044:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(mimeview->drag_file));

data/sylpheed-3.7.0/src/passphrase.c:273:28:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  munlock(last_pass, strlen(last_pass));

data/sylpheed-3.7.0/src/passphrase.c:295:40:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gpgme_io_writen(fd, last_pass, strlen(last_pass));

data/sylpheed-3.7.0/src/passphrase.c:298:34:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  WriteFile(hd, last_pass, strlen(last_pass), &n, NULL);

data/sylpheed-3.7.0/src/passphrase.c:301:30:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, last_pass, strlen(last_pass));

data/sylpheed-3.7.0/src/passphrase.c:326:34:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (mlock(last_pass, strlen(last_pass)) == -1)

data/sylpheed-3.7.0/src/passphrase.c:337:31:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gpgme_io_writen(fd, pass, strlen(pass));

data/sylpheed-3.7.0/src/passphrase.c:340:25:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  WriteFile(hd, pass, strlen(pass), &n, NULL);

data/sylpheed-3.7.0/src/passphrase.c:343:21:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, pass, strlen(pass));

data/sylpheed-3.7.0/src/prefs_actions.c:479:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(action, entry_text, PREFSBUFSIZE - 1);

data/sylpheed-3.7.0/src/prefs_actions.c:483:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(action) + 2;

data/sylpheed-3.7.0/src/prefs_actions.c:498:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len + strlen(entry_text) >= PREFSBUFSIZE - 1) {

data/sylpheed-3.7.0/src/prefs_actions.c:618:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buf, action, PREFSBUFSIZE - 1);

data/sylpheed-3.7.0/src/prefs_common_dialog.c:3439:24:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new_format = g_malloc(strlen(old_format) + 3);

data/sylpheed-3.7.0/src/prefs_common_dialog.c:3441:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(new_format, old_format, cur_pos);

data/sylpheed-3.7.0/src/prefs_ui.c:329:21:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = str = g_malloc(strlen(text) * 2 + 1);

data/sylpheed-3.7.0/src/prefs_ui.c:378:25:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufp = buf = g_malloc(strlen(str) + 1);

data/sylpheed-3.7.0/src/quote_fmt_lex.c:569:14:  [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (c = getc( quote_fmtin )) != EOF && c != '\n'; ++n ) \

data/sylpheed-3.7.0/src/quote_fmt_lex.c:1652:36:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return quote_fmt_scan_bytes(yystr,strlen(yystr) );

data/sylpheed-3.7.0/src/quote_fmt_parse.c:202:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(s);

data/sylpheed-3.7.0/src/quote_fmt_parse.c:1032:21:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # define yystrlen strlen

data/sylpheed-3.7.0/src/quote_fmt_parse.c:1622:17:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = alloca(strlen(msginfo->fromname) + 1);

data/sylpheed-3.7.0/src/rfc2015.c:102:24:  [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (size-- && (c = getc (fp)) != EOF)

data/sylpheed-3.7.0/src/rfc2015.c:235:7:  [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(fp) == '\n') {

data/sylpheed-3.7.0/src/rfc2015.c:243:9:  [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(fp) == '\r')

data/sylpheed-3.7.0/src/rfc2015.c:940:43:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(header, buf, strlen(buf));

data/sylpheed-3.7.0/src/rfc2015.c:950:48:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, clines[i], strlen(clines[i]));

data/sylpheed-3.7.0/src/rfc2015.c:955:42:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, buf, strlen(buf));

data/sylpheed-3.7.0/src/rfc2015.c:1131:42:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, buf, strlen(buf));

data/sylpheed-3.7.0/src/rfc2015.c:1430:43:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(header, buf, strlen (buf));

data/sylpheed-3.7.0/src/rfc2015.c:1439:48:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, clines[i], strlen(clines[i]));

data/sylpheed-3.7.0/src/rfc2015.c:1444:42:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, buf, strlen(buf));

data/sylpheed-3.7.0/src/rfc2015.c:1608:41:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(text, buf, strlen(buf));

data/sylpheed-3.7.0/src/rfc2015.c:1746:43:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(header, buf, strlen (buf));

data/sylpheed-3.7.0/src/rfc2015.c:1755:48:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, clines[i], strlen(clines[i]));

data/sylpheed-3.7.0/src/rfc2015.c:1760:42:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, buf, strlen(buf));

data/sylpheed-3.7.0/src/rfc2015.c:1920:42:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesRW = gpgme_data_write(plain, buf, strlen(buf));

data/sylpheed-3.7.0/src/select-keys.c:174:9:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (s) == 16)

data/sylpheed-3.7.0/src/send_message.c:166:13:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf + strlen(qentry[hnum].name);

data/sylpheed-3.7.0/src/send_message.c:592:38:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fd_write_all(child_stdin, buf, strlen(buf)) < 0 ||

data/sylpheed-3.7.0/src/simple-gettext.c:256:29:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( dir && (buf=malloc(strlen(dir)+strlen(filename)+1+3+1)) ) {

data/sylpheed-3.7.0/src/simple-gettext.c:256:41:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( dir && (buf=malloc(strlen(dir)+strlen(filename)+1+3+1)) ) {

data/sylpheed-3.7.0/src/simple-gettext.c:311:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  u32 len = strlen (msgid);

data/sylpheed-3.7.0/src/summaryview.c:6514:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(summaryview->drag_list));

data/sylpheed-3.7.0/src/syldap.c:358:11:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iLen = strlen( firstName );

data/sylpheed-3.7.0/src/syldap.c:361:18:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( ( iLenT = strlen( nodeFirst->data ) ) > iLen ) {

data/sylpheed-3.7.0/src/syldap.c:475:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( ldapServer->searchCriteria ) < 1 ) {

data/sylpheed-3.7.0/src/syldap.c:482:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( ldapServer->searchValue ) < 1 ) {

data/sylpheed-3.7.0/src/template.c:225:39:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fwrite(tmpl->value, sizeof(gchar) * strlen(tmpl->value), 1, fp);

data/sylpheed-3.7.0/src/textview.c:574:18:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  boundary_len = strlen(boundary);

data/sylpheed-3.7.0/src/textview.c:950:18:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  boundary_len = strlen(boundary);

data/sylpheed-3.7.0/src/textview.c:1475:27:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && (ep - bp - 1) > strlen(parser[last_index].needle)) {

data/sylpheed-3.7.0/src/textview.c:1480:6:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(parser[last_index].needle);

data/sylpheed-3.7.0/src/textview.c:2611:19:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  addr = g_malloc(strlen(uri->uri + 7) + 1);

data/sylpheed-3.7.0/src/textview.c:2634:25:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uri_string = g_malloc(strlen(uri->uri + 7) + 1);

data/sylpheed-3.7.0/src/vcard.c:248:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( start );

data/sylpheed-3.7.0/src/vcard.c:250:2:  [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( buf, start, len );

data/sylpheed-3.7.0/src/vcard.c:281:9:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( line ) - 1;

data/sylpheed-3.7.0/src/vcard.c:624:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( cardFile->path ) < 1 ) retVal = FALSE;

data/sylpheed-3.7.0/src/vcard.c:630:7:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( cardFile->name ) < 1 ) retVal = FALSE;

data/sylpheed-3.7.0/src/vcard.c:657:8:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str );

data/sylpheed-3.7.0/src/vcard.c:671:12:  [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lenlbl = strlen( GNOMECARD_SECTION );

ANALYSIS SUMMARY:

Hits = 547
Lines analyzed = 159291 in approximately 3.23 seconds (49251 lines/second)
Physical Source Lines of Code (SLOC) = 124420
Hits@level = [0] 352 [1] 352 [2] 134 [3] 8 [4] 50 [5] 3
Hits@level+ = [0+] 899 [1+] 547 [2+] 195 [3+] 61 [4+] 53 [5+] 3
Hits/KSLOC@level+ = [0+] 7.22553 [1+] 4.3964 [2+] 1.56727 [3+] 0.490275 [4+] 0.425977 [5+] 0.0241119
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.