Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tcl-fitstcl-2.4/fitsCmds.c
Examining data/tcl-fitstcl-2.4/fitsTcl.c
Examining data/tcl-fitstcl-2.4/fitsTcl.h
Examining data/tcl-fitstcl-2.4/fitsTclInt.h
Examining data/tcl-fitstcl-2.4/fitsUtils.c
Examining data/tcl-fitstcl-2.4/fvTcl.c
Examining data/tcl-fitstcl-2.4/tclShared.c
Examining data/tcl-fitstcl-2.4/eval_defs.h
Examining data/tcl-fitstcl-2.4/eval_tab.h
Examining data/tcl-fitstcl-2.4/fitsInit.c
Examining data/tcl-fitstcl-2.4/fitsIO.c

FINAL RESULTS:

data/tcl-fitstcl-2.4/fitsCmds.c:1082:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(outfile, argv[6]);

data/tcl-fitstcl-2.4/fitsCmds.c:1115:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(dest, argv[5]);

data/tcl-fitstcl-2.4/fitsCmds.c:2809:7:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
  sscanf(addStr,PTRFORMAT,&databuff);

data/tcl-fitstcl-2.4/fitsCmds.c:3400:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( wtcol, Tcl_GetStringFromObj( argv[argNum], NULL ) );

data/tcl-fitstcl-2.4/fitsCmds.c:3499:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( colname[i], opt );

data/tcl-fitstcl-2.4/fitsCmds.c:3513:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( minname[i], opt );

data/tcl-fitstcl-2.4/fitsCmds.c:3529:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( maxname[i], opt );

data/tcl-fitstcl-2.4/fitsCmds.c:3545:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( binname[i], opt );

data/tcl-fitstcl-2.4/fitsCmds.c:3836:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(outfile, opt );

data/tcl-fitstcl-2.4/fitsCmds.c:3946:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(strtemp,curFile->fileName);

data/tcl-fitstcl-2.4/fitsCmds.c:3964:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(strtemp,curFile->fileName);

data/tcl-fitstcl-2.4/fitsIO.c:185:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(curFile->CHDUInfo.image.blank, tmpKwd->value);

data/tcl-fitstcl-2.4/fitsIO.c:220:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(curFile->CHDUInfo.table.colDisp[i], tmpKwd->value);

data/tcl-fitstcl-2.4/fitsIO.c:229:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(curFile->CHDUInfo.table.colNull[i], tmpKwd->value);

data/tcl-fitstcl-2.4/fitsIO.c:289:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(testChar, p);

data/tcl-fitstcl-2.4/fitsIO.c:409:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(testChar, p);

data/tcl-fitstcl-2.4/fitsIO.c:632:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(hisCard->value,Comment);

data/tcl-fitstcl-2.4/fitsIO.c:636:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(hisCard->value,Comment);

data/tcl-fitstcl-2.4/fitsIO.c:652:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(comCard->value,Comment);

data/tcl-fitstcl-2.4/fitsIO.c:656:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(comCard->value,Comment);

data/tcl-fitstcl-2.4/fitsIO.c:665:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newKwd->name,Name);

data/tcl-fitstcl-2.4/fitsIO.c:666:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newKwd->value,Value);

data/tcl-fitstcl-2.4/fitsIO.c:667:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newKwd->comment,Comment);

data/tcl-fitstcl-2.4/fitsIO.c:1253:4:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
  sscanf( Tcl_GetStringResult(curFile->interp),

data/tcl-fitstcl-2.4/fitsIO.c:1277:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1291:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1305:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1319:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1333:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, DOUBLE_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1347:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, LONGLONG_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1409:4:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
  sscanf( Tcl_GetStringResult(curFile->interp),

data/tcl-fitstcl-2.4/fitsIO.c:1433:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nRows);

data/tcl-fitstcl-2.4/fitsIO.c:1447:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nRows);

data/tcl-fitstcl-2.4/fitsIO.c:1461:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nRows);

data/tcl-fitstcl-2.4/fitsIO.c:1475:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, FLOAT_DATA, nRows);

data/tcl-fitstcl-2.4/fitsIO.c:1489:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, DOUBLE_DATA, nRows);

data/tcl-fitstcl-2.4/fitsIO.c:1503:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, LONGLONG_DATA, nCols);

data/tcl-fitstcl-2.4/fitsIO.c:1823:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %I64d", dblData, 4, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1825:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %lld", dblData, 4, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1875:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %I64d", longlongData, 4, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1877:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %lld", longlongData, 4, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1931:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %I64d", floatData, 3, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1933:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %lld", floatData, 3, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1983:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %I64d", intData, 2, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:1985:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %lld", intData, 2, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:2035:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %I64d", shortData, 1, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:2037:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %lld", shortData, 1, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:2087:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %I64d", byteData, 0, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:2089:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %lld", byteData, 0, nCol*nRow);

data/tcl-fitstcl-2.4/fitsIO.c:2449:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT, backPtr);

data/tcl-fitstcl-2.4/fitsIO.c:2577:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, retnType, dataSize);

data/tcl-fitstcl-2.4/fitsIO.c:2803:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, dataType, numRows);

data/tcl-fitstcl-2.4/fitsIO.c:3035:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, PTRFORMAT " %d %ld", backPtr, dataType, numRows);

data/tcl-fitstcl-2.4/fitsIO.c:3101:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(colFormat, curFile->CHDUInfo.table.colFormat[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:3140:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(cValue[1], colFormat, cValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:3207:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(tmpStr,colFormat,xValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:3244:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(tmpStr,colFormat,longValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:3281:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(tmpStr,colFormat,tmpInt);

data/tcl-fitstcl-2.4/fitsIO.c:3284:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(tmpStr,colFormat,tmpStr);

data/tcl-fitstcl-2.4/fitsIO.c:3286:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(tmpStr,colFormat,dblValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:3340:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(cplxFormat,"%s, %s",colFormat,colFormat);

data/tcl-fitstcl-2.4/fitsIO.c:3364:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(tmpStr,cplxFormat,dblComplex[0],dblComplex[1]);

data/tcl-fitstcl-2.4/fitsIO.c:3839:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(card, inCard);

data/tcl-fitstcl-2.4/fitsIO.c:4007:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(colFormat, curFile->CHDUInfo.table.colFormat[baseColNum-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4089:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr, colFormat, cValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4134:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFormat,xValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4158:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFormat,longValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4184:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFormat,tmpInt);

data/tcl-fitstcl-2.4/fitsIO.c:4187:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFormat,outputStr);

data/tcl-fitstcl-2.4/fitsIO.c:4189:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFormat,dblValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4211:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFormat,longlongValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4307:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(colFStr[k], curFile->CHDUInfo.table.colFormat[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4324:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,rowFormatStr,outputStr);

data/tcl-fitstcl-2.4/fitsIO.c:4333:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,outFStr[k],curFile->CHDUInfo.table.colName[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4339:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,rowFormatStr,outputStr);

data/tcl-fitstcl-2.4/fitsIO.c:4348:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,outFStr[k],curFile->CHDUInfo.table.colType[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4354:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,rowFormatStr,outputStr);

data/tcl-fitstcl-2.4/fitsIO.c:4363:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,outFStr[k],curFile->CHDUInfo.table.colUnit[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4385:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,outFStr[k],curFile->CHDUInfo.table.colName[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4396:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,outFStr[k],curFile->CHDUInfo.table.colType[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4407:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr,outFStr[k],curFile->CHDUInfo.table.colUnit[colNums[k]-1]);

data/tcl-fitstcl-2.4/fitsIO.c:4430:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr, rowFormatStr, outputStr);

data/tcl-fitstcl-2.4/fitsIO.c:4475:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],cValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4496:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],"U");

data/tcl-fitstcl-2.4/fitsIO.c:4499:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],"T");

data/tcl-fitstcl-2.4/fitsIO.c:4501:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],"F");

data/tcl-fitstcl-2.4/fitsIO.c:4523:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],binValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4544:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],binValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4565:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],shtValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4586:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],intValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4607:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],longValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4628:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],fValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4652:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],tmpInt);

data/tcl-fitstcl-2.4/fitsIO.c:4654:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(outputStr,colFStr[j],dblValue[0]);

data/tcl-fitstcl-2.4/fitsIO.c:4740:6:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(fPtr, outFStr[j], outputStr);

data/tcl-fitstcl-2.4/fitsIO.c:5876:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal],axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:5880:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:5884:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:5908:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d_%d%c", Keys[isImage][cMatrix],

data/tcl-fitstcl-2.4/fitsIO.c:5921:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d%c", Keys[isImage][cRota], axisNum[1], dest);

data/tcl-fitstcl-2.4/fitsIO.c:5927:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d%c", Keys[isImage][cRota], axisNum[0], dest);

data/tcl-fitstcl-2.4/fitsIO.c:5937:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], axisNum[col], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6057:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal],axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6061:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6065:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6089:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d_%d%c", Keys[isImage][cMatrix],

data/tcl-fitstcl-2.4/fitsIO.c:6102:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d%c", Keys[isImage][cRota], axisNum[1], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6108:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d%c", Keys[isImage][cRota], axisNum[0], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6118:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], axisNum[col], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6239:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal],axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6243:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6247:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], axisNum[row], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6271:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d_%d%c", Keys[isImage][cMatrix],

data/tcl-fitstcl-2.4/fitsIO.c:6284:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d%c", Keys[isImage][cRota], axisNum[1], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6290:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword,"%s%d%c", Keys[isImage][cRota], axisNum[0], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6300:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], axisNum[col], dest);

data/tcl-fitstcl-2.4/fitsIO.c:6415:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6419:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6423:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6427:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6432:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6436:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6440:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRota], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6446:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRota], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6461:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col1, Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6466:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col2, Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6471:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col1, Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6476:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col2, Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6540:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6542:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6619:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6623:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefVal], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6627:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6631:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRefPix], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6636:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6640:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cDelta], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6644:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRota], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6650:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cRota], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6665:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col1, Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6670:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col2, Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6675:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col1, Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6680:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d_%d%c", Keys[isImage][cMatrix], Col2, Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6744:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], Col1, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6746:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(keyword, "%s%d%c", Keys[isImage][cType], Col2, dest);

data/tcl-fitstcl-2.4/fitsIO.c:6881:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(columndata[i].strData, cPtr);

data/tcl-fitstcl-2.4/fitsIO.c:7727:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(negExpr,"DEFNULL(!(%s),T)",expr);

data/tcl-fitstcl-2.4/fitsIO.c:7913:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( result, PTRFORMAT " %d %ld",

data/tcl-fitstcl-2.4/fitsTcl.c:152:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buffer,"%s %5.3f", FITSTCL_VERSION, cfitsioVersion);

data/tcl-fitstcl-2.4/fitsTcl.c:329:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newFile->fileName, filename);

data/tcl-fitstcl-2.4/fitsTcl.c:338:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newFile->handleName,objName);

data/tcl-fitstcl-2.4/fitsTcl.c:411:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(result, "Error closing Fits file %s\n", curFile->fileName);

data/tcl-fitstcl-2.4/fitsTcl.c:609:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(ptrStr, PTRFORMAT, dataPtr);

data/tcl-fitstcl-2.4/fitsTcl.c:919:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(strBuff,PTRFORMAT, ptr2.Dbl);

data/tcl-fitstcl-2.4/fitsTcl.c:987:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(gParse.expr,expr);

data/tcl-fitstcl-2.4/fitsUtils.c:225:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(rangeCpy,rangeStr);

data/tcl-fitstcl-2.4/fitsUtils.c:263:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(errMsg,"Error converting token %s in element %s",

data/tcl-fitstcl-2.4/fitsUtils.c:282:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(errMsg,"Error converting token %s in element %s",

data/tcl-fitstcl-2.4/fitsUtils.c:298:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(errMsg,"Error converting token %s in element %s",

data/tcl-fitstcl-2.4/fitsUtils.c:307:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(errMsg,"Range out of order in element %s",tokstore);

data/tcl-fitstcl-2.4/fitsUtils.c:586:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( colArray[i], tmpstr );

data/tcl-fitstcl-2.4/fitsUtils.c:660:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( *outStr, inStr);

data/tcl-fitstcl-2.4/fitsUtils.c:684:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(tmp, curFile->CHDUInfo.table.colDisp[colnum]);

data/tcl-fitstcl-2.4/fitsUtils.c:687:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(tmp, curFile->CHDUInfo.table.colType[colnum]);

data/tcl-fitstcl-2.4/fitsUtils.c:706:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(rtFormat,"%%s");

data/tcl-fitstcl-2.4/fitsUtils.c:719:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
sprintf(rtFormat,"%%s"); data/tcl-fitstcl-2.4/fitsUtils.c:751:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%su", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:777:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sd", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:803:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sd", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:836:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sE", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:860:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sf", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:882:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sf", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:905:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sG", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:943:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%so", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:962:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rtFormat,"%%%sx", tokenPtr); data/tcl-fitstcl-2.4/fitsUtils.c:1029:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(curFile->CHDUInfo.table.colFormat[colnum], rtFormat); data/tcl-fitstcl-2.4/fitsUtils.c:1038:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(curFile->CHDUInfo.table.colFormat[colnum], rtFormat); data/tcl-fitstcl-2.4/fitsUtils.c:1069:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(checkStr, a[i].strData); data/tcl-fitstcl-2.4/fitsUtils.c:1075:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(checkStr, a[i].strData); data/tcl-fitstcl-2.4/fitsUtils.c:1680:8: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if( sscanf( str, PTRFORMAT, &ptr) == EOF ) data/tcl-fitstcl-2.4/fitsUtils.c:1385:20: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. i1 = (long) (drand48()*numRows); data/tcl-fitstcl-2.4/fitsUtils.c:1386:20: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. i2 = (long) (drand48()*numRows); data/tcl-fitstcl-2.4/eval_defs.h:25:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAXVARNAME+1]; data/tcl-fitstcl-2.4/eval_defs.h:43:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/tcl-fitstcl-2.4/eval_tab.h:6:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; /* string value */ data/tcl-fitstcl-2.4/fitsCmds.c:318:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[32]; data/tcl-fitstcl-2.4/fitsCmds.c:319:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpStr[3][FLEN_VALUE]; /* Some general purpose string buffers */ data/tcl-fitstcl-2.4/fitsCmds.c:320:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *mrgList[9], *pattern, *tmpStrPtr; data/tcl-fitstcl-2.4/fitsCmds.c:321:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[256], **colList; data/tcl-fitstcl-2.4/fitsCmds.c:342:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"%d",curFile->chdu); data/tcl-fitstcl-2.4/fitsCmds.c:358:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"%d", bitpix); data/tcl-fitstcl-2.4/fitsCmds.c:363:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"%lld",curFile->fptr->Fptr->filesize/2880); data/tcl-fitstcl-2.4/fitsCmds.c:396:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result, "%d", nhdu); data/tcl-fitstcl-2.4/fitsCmds.c:401:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result, "%-d", curFile->numKwds); data/tcl-fitstcl-2.4/fitsCmds.c:411:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result, "%d", curFile->CHDUInfo.table.numCols); data/tcl-fitstcl-2.4/fitsCmds.c:421:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"%lld",curFile->CHDUInfo.table.numRows); data/tcl-fitstcl-2.4/fitsCmds.c:559:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr[0], "%d", data/tcl-fitstcl-2.4/fitsCmds.c:562:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr[1], "%d", data/tcl-fitstcl-2.4/fitsCmds.c:565:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr[2], "%d", data/tcl-fitstcl-2.4/fitsCmds.c:606:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr[0], "%d", data/tcl-fitstcl-2.4/fitsCmds.c:609:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr[1], "%d", data/tcl-fitstcl-2.4/fitsCmds.c:612:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr[2], "%d", data/tcl-fitstcl-2.4/fitsCmds.c:668:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpStr[0], "%lld", curFile->CHDUInfo.image.naxisn[i]); data/tcl-fitstcl-2.4/fitsCmds.c:716:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Comment[FLEN_COMMENT], Name[FLEN_KEYWORD], Value[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsCmds.c:724:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[256]; data/tcl-fitstcl-2.4/fitsCmds.c:1065:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[FLEN_FILENAME]; data/tcl-fitstcl-2.4/fitsCmds.c:1066:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[8]; data/tcl-fitstcl-2.4/fitsCmds.c:1078:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outfile, "mem://_1"); data/tcl-fitstcl-2.4/fitsCmds.c:1096:16: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rownum = atol(argv[4]); data/tcl-fitstcl-2.4/fitsCmds.c:1260:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fElem = atol( argv[3] ); data/tcl-fitstcl-2.4/fitsCmds.c:1262:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nElem = atol( argv[4] ); data/tcl-fitstcl-2.4/fitsCmds.c:1299:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). slice = atol(argv[8]); data/tcl-fitstcl-2.4/fitsCmds.c:1302:12: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cslice = atol(argv[9]); data/tcl-fitstcl-2.4/fitsCmds.c:1497:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). felem = atoi(argv[idx++]); data/tcl-fitstcl-2.4/fitsCmds.c:1597:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[256], *argStr, *cmd, **args; data/tcl-fitstcl-2.4/fitsCmds.c:1800:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *newArg[7]; data/tcl-fitstcl-2.4/fitsCmds.c:1824:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *newArg[5]; data/tcl-fitstcl-2.4/fitsCmds.c:2250:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[81]; data/tcl-fitstcl-2.4/fitsCmds.c:2286:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
slice = atol(argv[5]); data/tcl-fitstcl-2.4/fitsCmds.c:2290:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atol(argv[3]), /* first row */ data/tcl-fitstcl-2.4/fitsCmds.c:2291:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atol(argv[4]), /* last row*/ data/tcl-fitstcl-2.4/fitsCmds.c:2318:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). slice = atol(argv[5]); data/tcl-fitstcl-2.4/fitsCmds.c:2321:39: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if( imageColsMeanToPtr(curFile, atol(argv[3]), data/tcl-fitstcl-2.4/fitsCmds.c:2322:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
atol(argv[4]), slice) != TCL_OK ) { data/tcl-fitstcl-2.4/fitsCmds.c:2436:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). slice = atol(argv[3]); data/tcl-fitstcl-2.4/fitsCmds.c:2452:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rotate = atoi(argv[4]); data/tcl-fitstcl-2.4/fitsCmds.c:2618:16: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rowNum = atol(argv[4]); data/tcl-fitstcl-2.4/fitsCmds.c:2619:16: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nelem = atol(argv[5]); data/tcl-fitstcl-2.4/fitsCmds.c:2625:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). felem = atol(argv[7]); data/tcl-fitstcl-2.4/fitsCmds.c:2662:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). felem = atol(argv[5]); data/tcl-fitstcl-2.4/fitsCmds.c:2979:11: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). slice = atol(argv[13]); data/tcl-fitstcl-2.4/fitsCmds.c:3031:23: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ifVariableVec = atol(argv[13]); data/tcl-fitstcl-2.4/fitsCmds.c:3198:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[16]; data/tcl-fitstcl-2.4/fitsCmds.c:3201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[256]; data/tcl-fitstcl-2.4/fitsCmds.c:3263:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(result,"%d",isNew); data/tcl-fitstcl-2.4/fitsCmds.c:3339:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[256]; data/tcl-fitstcl-2.4/fitsCmds.c:3347:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colname[4][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsCmds.c:3351:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char minname[4][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsCmds.c:3352:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char maxname[4][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsCmds.c:3353:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char binname[4][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsCmds.c:3355:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char wtcol[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsCmds.c:3749:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[FLEN_FILENAME]; data/tcl-fitstcl-2.4/fitsCmds.c:3766:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strtemp[FLEN_FILENAME]; data/tcl-fitstcl-2.4/fitsCmds.c:3945:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(strtemp,"Error opening output file: "); data/tcl-fitstcl-2.4/fitsCmds.c:3963:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(strtemp,"Smoothed output of the image file: "); data/tcl-fitstcl-2.4/fitsIO.c:85:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpStr[80]; data/tcl-fitstcl-2.4/fitsIO.c:86:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char tmpKey[FLEN_KEYWORD];
data/tcl-fitstcl-2.4/fitsIO.c:89:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testChar[1024];
data/tcl-fitstcl-2.4/fitsIO.c:90:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numChar[1024];
data/tcl-fitstcl-2.4/fitsIO.c:107:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(curFile->extname ,"Image");
data/tcl-fitstcl-2.4/fitsIO.c:143:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "Unrecognized Extension type: %d", curFile->hduType);
data/tcl-fitstcl-2.4/fitsIO.c:192:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpKey,"TZERO%d",i+1);
data/tcl-fitstcl-2.4/fitsIO.c:203:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpKey,"TSCAL%d",i+1);
data/tcl-fitstcl-2.4/fitsIO.c:214:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpKey,"TDISP%d",i+1);
data/tcl-fitstcl-2.4/fitsIO.c:223:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpKey,"TNULL%d",i+1);
data/tcl-fitstcl-2.4/fitsIO.c:226:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(curFile->CHDUInfo.table.colNull[i], "NULL");
data/tcl-fitstcl-2.4/fitsIO.c:492:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errMsg[80];
data/tcl-fitstcl-2.4/fitsIO.c:522:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"Too many columns in Fits file, MAX is %d",
data/tcl-fitstcl-2.4/fitsIO.c:585:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Comment[FLEN_COMMENT], Name[FLEN_KEYWORD], Value[FLEN_VALUE];
data/tcl-fitstcl-2.4/fitsIO.c:740:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char record[FLEN_CARD];
data/tcl-fitstcl-2.4/fitsIO.c:748:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(record,"Error dumping header: card #%d\n",i);
data/tcl-fitstcl-2.4/fitsIO.c:780:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[FLEN_KEYWORD];
data/tcl-fitstcl-2.4/fitsIO.c:781:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[FLEN_VALUE];
data/tcl-fitstcl-2.4/fitsIO.c:782:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char com[FLEN_COMMENT];
data/tcl-fitstcl-2.4/fitsIO.c:800:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(key,"Error dumping header: card #%d\n",i);
data/tcl-fitstcl-2.4/fitsIO.c:835:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[FLEN_KEYWORD];
data/tcl-fitstcl-2.4/fitsIO.c:836:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[FLEN_VALUE];
data/tcl-fitstcl-2.4/fitsIO.c:847:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(val,"Error dumping header: card #%d\n",i);
data/tcl-fitstcl-2.4/fitsIO.c:882:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char record[FLEN_CARD+1];
data/tcl-fitstcl-2.4/fitsIO.c:893:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(record,"Error dumping header: card #%d\n",i);
data/tcl-fitstcl-2.4/fitsIO.c:1186:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errMsg[80];
data/tcl-fitstcl-2.4/fitsIO.c:1187:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"Unknown HDU Type: %d\n",curFile->hduType);
data/tcl-fitstcl-2.4/fitsIO.c:1221:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:1385:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:1528:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *nullArray, tmpStr[80];
data/tcl-fitstcl-2.4/fitsIO.c:1591:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%I64d", ((LONGLONG *)imgData)[i]);
data/tcl-fitstcl-2.4/fitsIO.c:1593:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%lld", ((LONGLONG *)imgData)[i]);
data/tcl-fitstcl-2.4/fitsIO.c:1669:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpStr[80];
data/tcl-fitstcl-2.4/fitsIO.c:1670:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char varIndex[80];
data/tcl-fitstcl-2.4/fitsIO.c:1677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:1700:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(result,"Image exceeds %d dimensions", FITS_MAXDIMS);
data/tcl-fitstcl-2.4/fitsIO.c:1833:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%I64d,%I64d", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1835:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%lld,%lld", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1885:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%I64d,%I64d", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1887:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%lld,%lld", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1893:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%I64d", longlongData[tmpIndex]);
data/tcl-fitstcl-2.4/fitsIO.c:1895:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%lld", longlongData[tmpIndex]);
data/tcl-fitstcl-2.4/fitsIO.c:1941:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%I64d,%I64d", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1943:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%lld,%lld", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1993:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%I64d,%I64d", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:1995:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%lld,%lld", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:2045:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%I64d,%I64d", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:2047:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%lld,%lld", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:2097:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%I64d,%I64d", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:2099:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%lld,%lld", fCol+i-1, fRow+j-1);
data/tcl-fitstcl-2.4/fitsIO.c:2148:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:2471:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:2497:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bytNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2507:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  shtNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2518:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2612:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:2632:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bytNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2660:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  shtNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2688:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2840:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:2860:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bytNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2888:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  shtNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:2919:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intNul = atoi(nulStr);
data/tcl-fitstcl-2.4/fitsIO.c:3065:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xValue[1];
data/tcl-fitstcl-2.4/fitsIO.c:3067:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nullArray[1];
data/tcl-fitstcl-2.4/fitsIO.c:3069:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lValue[1];
data/tcl-fitstcl-2.4/fitsIO.c:3070:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colFormat[80];
data/tcl-fitstcl-2.4/fitsIO.c:3071:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cplxFormat[80];
data/tcl-fitstcl-2.4/fitsIO.c:3072:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpStr[80];
data/tcl-fitstcl-2.4/fitsIO.c:3074:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char varIndex[80];
data/tcl-fitstcl-2.4/fitsIO.c:3077:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errMsg[160];
data/tcl-fitstcl-2.4/fitsIO.c:3110:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3149:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3153:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ckfree( (char *) cValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:3187:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3216:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3253:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3279:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%.0f", dblValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:3280:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmpInt = atoi(tmpStr);
data/tcl-fitstcl-2.4/fitsIO.c:3283:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%f", dblValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:3296:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3321:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%I64d", longlongValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:3323:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%lld", longlongValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:3331:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3375:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex,"%d,%d", fCol-1+k, m-1);
data/tcl-fitstcl-2.4/fitsIO.c:3382:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"Unrecognized colType: %d for column %d",
data/tcl-fitstcl-2.4/fitsIO.c:3591:17: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  naxes[i] = atol(cDims[i]);
data/tcl-fitstcl-2.4/fitsIO.c:3735:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char card[FLEN_CARD],orig[FLEN_CARD];
data/tcl-fitstcl-2.4/fitsIO.c:3736:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyName[FLEN_KEYWORD];
data/tcl-fitstcl-2.4/fitsIO.c:3737:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[FLEN_KEYWORD];
data/tcl-fitstcl-2.4/fitsIO.c:3738:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[FLEN_VALUE];
data/tcl-fitstcl-2.4/fitsIO.c:3739:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comm[FLEN_COMMENT];
data/tcl-fitstcl-2.4/fitsIO.c:3814:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char card[FLEN_CARD];
data/tcl-fitstcl-2.4/fitsIO.c:3815:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[FLEN_KEYWORD];
data/tcl-fitstcl-2.4/fitsIO.c:3816:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[FLEN_VALUE];
data/tcl-fitstcl-2.4/fitsIO.c:3817:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comm[FLEN_COMMENT];
data/tcl-fitstcl-2.4/fitsIO.c:3951:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];
data/tcl-fitstcl-2.4/fitsIO.c:3959:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(result, "%d", newHduType);
data/tcl-fitstcl-2.4/fitsIO.c:3982:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colFormat[80];
data/tcl-fitstcl-2.4/fitsIO.c:3983:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputStr[80];
data/tcl-fitstcl-2.4/fitsIO.c:3988:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sepString,"\",\"");
data/tcl-fitstcl-2.4/fitsIO.c:3992:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( ( fPtr = fopen(filename, "w")) == NULL ) {
data/tcl-fitstcl-2.4/fitsIO.c:3999:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( ( fPtr = fopen(filename, "a")) == NULL ) {
data/tcl-fitstcl-2.4/fitsIO.c:4014:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outputStr, "%lld", m);
data/tcl-fitstcl-2.4/fitsIO.c:4054:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xValue[1];
data/tcl-fitstcl-2.4/fitsIO.c:4055:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nullArray[1];
data/tcl-fitstcl-2.4/fitsIO.c:4057:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lValue[1];
data/tcl-fitstcl-2.4/fitsIO.c:4058:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputStr[80];
data/tcl-fitstcl-2.4/fitsIO.c:4061:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errMsg[160];
data/tcl-fitstcl-2.4/fitsIO.c:4087:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr,"NULL");
data/tcl-fitstcl-2.4/fitsIO.c:4091:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ckfree( (char *) cValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:4111:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr,"NULL");
data/tcl-fitstcl-2.4/fitsIO.c:4156:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr,"NULL");
data/tcl-fitstcl-2.4/fitsIO.c:4179:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr,"NULL");
data/tcl-fitstcl-2.4/fitsIO.c:4182:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outputStr, "%.0f", dblValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:4183:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmpInt = atoi(outputStr);
data/tcl-fitstcl-2.4/fitsIO.c:4186:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outputStr, "%f", dblValue[0]);
data/tcl-fitstcl-2.4/fitsIO.c:4209:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr,"NULL");
data/tcl-fitstcl-2.4/fitsIO.c:4217:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"ERROR");
data/tcl-fitstcl-2.4/fitsIO.c:4262:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rowFormatStr[10];
data/tcl-fitstcl-2.4/fitsIO.c:4275:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nullArray[1];
data/tcl-fitstcl-2.4/fitsIO.c:4277:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char binValue[1];
data/tcl-fitstcl-2.4/fitsIO.c:4278:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lValue[1];
data/tcl-fitstcl-2.4/fitsIO.c:4280:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errMsg[80];
data/tcl-fitstcl-2.4/fitsIO.c:4292:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sepString,"\",\"");
data/tcl-fitstcl-2.4/fitsIO.c:4301:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outFStr[k]," %%%ds", strSize[k]);
data/tcl-fitstcl-2.4/fitsIO.c:4302:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rowFormatStr," %%%ds", 8);
data/tcl-fitstcl-2.4/fitsIO.c:4304:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outFStr[k],"%s");
data/tcl-fitstcl-2.4/fitsIO.c:4305:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(rowFormatStr,"%s");
data/tcl-fitstcl-2.4/fitsIO.c:4314:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( ( fPtr = fopen(filename, "w")) == NULL ) {
data/tcl-fitstcl-2.4/fitsIO.c:4323:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr,"Row");
data/tcl-fitstcl-2.4/fitsIO.c:4330:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outFStr[k]," %%%ds", strSize[k] * tmpInt - (tmpInt - 1));
data/tcl-fitstcl-2.4/fitsIO.c:4338:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr," ");
data/tcl-fitstcl-2.4/fitsIO.c:4345:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outFStr[k]," %%%ds", strSize[k] * tmpInt - (tmpInt - 1));
data/tcl-fitstcl-2.4/fitsIO.c:4353:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outputStr," ");
data/tcl-fitstcl-2.4/fitsIO.c:4360:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length. sprintf(outFStr[k]," %%%ds", strSize[k] * tmpInt - (tmpInt - 1)); data/tcl-fitstcl-2.4/fitsIO.c:4370:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( fPtr = fopen(filename, "a")) == NULL ) { data/tcl-fitstcl-2.4/fitsIO.c:4382:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outFStr[k]," %%%ds", strSize[k] * tmpInt - (tmpInt - 1)); data/tcl-fitstcl-2.4/fitsIO.c:4393:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outFStr[k]," %%%ds", strSize[k] * tmpInt - (tmpInt - 1)); data/tcl-fitstcl-2.4/fitsIO.c:4404:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outFStr[k]," %%%ds", strSize[k] * tmpInt - (tmpInt - 1)); data/tcl-fitstcl-2.4/fitsIO.c:4413:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( fPtr = fopen(filename, "a")) == NULL ) { data/tcl-fitstcl-2.4/fitsIO.c:4427:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:4477:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ckfree( (char *) cValue[0]); data/tcl-fitstcl-2.4/fitsIO.c:4521:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4542:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4563:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4584:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4605:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4626:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4647:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4650:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%.0f", dblValue[0]); data/tcl-fitstcl-2.4/fitsIO.c:4651:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmpInt = atoi(outputStr); data/tcl-fitstcl-2.4/fitsIO.c:4674:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4677:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%I64d",longlongValue[0]); data/tcl-fitstcl-2.4/fitsIO.c:4679:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(outputStr,"%lld",longlongValue[0]); data/tcl-fitstcl-2.4/fitsIO.c:4700:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL, NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4702:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%.5f, %.5f",fltComplex[0],fltComplex[1]); data/tcl-fitstcl-2.4/fitsIO.c:4721:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr,"NULL, NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4723:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%.8f, %.8f",dblComplex[0], data/tcl-fitstcl-2.4/fitsIO.c:4729:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errMsg,"Unrecognized colType: %d for column %d\n", data/tcl-fitstcl-2.4/fitsIO.c:4732:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
ckfree( (char *) outFStr[0]); data/tcl-fitstcl-2.4/fitsIO.c:4733:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ckfree( (char *) colFStr[0]); data/tcl-fitstcl-2.4/fitsIO.c:4755:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ckfree( (char *) outFStr[0]); data/tcl-fitstcl-2.4/fitsIO.c:4757:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ckfree( (char *) colFStr[0]); data/tcl-fitstcl-2.4/fitsIO.c:4779:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outFStr[80]; data/tcl-fitstcl-2.4/fitsIO.c:4789:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outputStr[1024]; data/tcl-fitstcl-2.4/fitsIO.c:4794:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char result[80]; data/tcl-fitstcl-2.4/fitsIO.c:4812:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"Image exceeds %d dimensions", FITS_MAXDIMS); data/tcl-fitstcl-2.4/fitsIO.c:4876:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( fPtr = fopen(filename, "w")) == NULL ) { data/tcl-fitstcl-2.4/fitsIO.c:4882:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( fPtr = fopen(filename, "a")) == NULL ) { data/tcl-fitstcl-2.4/fitsIO.c:4890:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outFStr, "%%%ds", cellSize); data/tcl-fitstcl-2.4/fitsIO.c:4896:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(sepString,"\",\""); data/tcl-fitstcl-2.4/fitsIO.c:4935:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:4942:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(outputStr, "NULL"); data/tcl-fitstcl-2.4/fitsIO.c:4945:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%g", dblData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:4990:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:4997:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr, "NULL"); data/tcl-fitstcl-2.4/fitsIO.c:5000:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%I64d", longlongData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:5002:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%lld", longlongData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:5046:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:5053:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(outputStr, "NULL"); data/tcl-fitstcl-2.4/fitsIO.c:5056:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%g", floatData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:5100:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:5107:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr, "NULL"); data/tcl-fitstcl-2.4/fitsIO.c:5109:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%d", intData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:5153:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:5160:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr, "NULL"); data/tcl-fitstcl-2.4/fitsIO.c:5162:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%d", shortData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:5206:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr, "%d", rowNum); data/tcl-fitstcl-2.4/fitsIO.c:5213:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(outputStr, "NULL"); data/tcl-fitstcl-2.4/fitsIO.c:5215:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outputStr,"%u", byteData[tmpIndex]); data/tcl-fitstcl-2.4/fitsIO.c:5852:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:5853:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char axisType[FITS_MAXDIMS][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:5855:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *Keys[2][7] = { data/tcl-fitstcl-2.4/fitsIO.c:6028:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6029:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char axisType[FITS_MAXDIMS][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6032:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *Keys[2][7] = { data/tcl-fitstcl-2.4/fitsIO.c:6210:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6211:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char axisType[FITS_MAXDIMS][FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6214:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char *Keys[2][7] = { data/tcl-fitstcl-2.4/fitsIO.c:6393:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[FLEN_VALUE], ctemp[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6394:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6399:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *Keys[2][7] = { data/tcl-fitstcl-2.4/fitsIO.c:6546:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype,"none"); status = 0; data/tcl-fitstcl-2.4/fitsIO.c:6597:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[FLEN_VALUE], ctemp[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6598:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[FLEN_VALUE]; data/tcl-fitstcl-2.4/fitsIO.c:6603:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *Keys[2][7] = { data/tcl-fitstcl-2.4/fitsIO.c:6750:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype,"none"); status = 0; data/tcl-fitstcl-2.4/fitsIO.c:6791:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[5]; data/tcl-fitstcl-2.4/fitsIO.c:6883:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ckfree((char *) tmpPtr[0]); data/tcl-fitstcl-2.4/fitsIO.c:7127:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ckfree((char *) columndata[j].strData); data/tcl-fitstcl-2.4/fitsIO.c:7147:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(rowlist[i],"%ld",columndata[i].rowindex); data/tcl-fitstcl-2.4/fitsIO.c:7153:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(rowlist[uniqueNum],"%ld",columndata[i].rowindex); data/tcl-fitstcl-2.4/fitsIO.c:7303:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpStr[80]; data/tcl-fitstcl-2.4/fitsIO.c:7313:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr, "%16.8g", colstat.min); data/tcl-fitstcl-2.4/fitsIO.c:7315:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr, "%.10f", colstat.min); data/tcl-fitstcl-2.4/fitsIO.c:7319:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr, "%ld", colstat.fmin); data/tcl-fitstcl-2.4/fitsIO.c:7323:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpStr, "%16.8g", colstat.max); data/tcl-fitstcl-2.4/fitsIO.c:7325:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
  sprintf(tmpStr, "%.10f", colstat.max);

data/tcl-fitstcl-2.4/fitsIO.c:7329:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%ld", colstat.fmax);

data/tcl-fitstcl-2.4/fitsIO.c:7333:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%16.8g", colstat.mean);

data/tcl-fitstcl-2.4/fitsIO.c:7335:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%.10f", colstat.mean);

data/tcl-fitstcl-2.4/fitsIO.c:7340:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%16.8g", colstat.stdiv);

data/tcl-fitstcl-2.4/fitsIO.c:7342:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%.10f", colstat.stdiv);

data/tcl-fitstcl-2.4/fitsIO.c:7346:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%ld", colstat.numData);

data/tcl-fitstcl-2.4/fitsIO.c:7359:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpStr[80];

data/tcl-fitstcl-2.4/fitsIO.c:7366:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%.10f", colstat.min);

data/tcl-fitstcl-2.4/fitsIO.c:7369:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%.10f", colstat.max);

data/tcl-fitstcl-2.4/fitsIO.c:7533:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cValue[1];

data/tcl-fitstcl-2.4/fitsIO.c:7537:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nullArray[1];

data/tcl-fitstcl-2.4/fitsIO.c:7774:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[80];

data/tcl-fitstcl-2.4/fitsIO.c:7804:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bytNul = atoi(nulStr);

data/tcl-fitstcl-2.4/fitsIO.c:7829:12: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intNul = atol(nulStr);

data/tcl-fitstcl-2.4/fitsIO.c:7935:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpStr[32];

data/tcl-fitstcl-2.4/fitsIO.c:7956:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( tmpStr, "%d %ld {", dataType, nelem );

data/tcl-fitstcl-2.4/fitsIO.c:7959:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( tmpStr, " %ld ", naxes[i] );

data/tcl-fitstcl-2.4/fitsTcl.c:149:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[32];

data/tcl-fitstcl-2.4/fitsTcl.c:223:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *objName,tmpStr[16], *filename;

data/tcl-fitstcl-2.4/fitsTcl.c:263:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr,"fitsObj%d",objCounter++);

data/tcl-fitstcl-2.4/fitsTcl.c:315:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr,"%d", FITS_MAX_OPEN_FILES);

data/tcl-fitstcl-2.4/fitsTcl.c:397:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result[256];

data/tcl-fitstcl-2.4/fitsTcl.c:450:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strBuff[16];

data/tcl-fitstcl-2.4/fitsTcl.c:476:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strBuff,"%-d",FitsOpenFiles[i].rwmode);

data/tcl-fitstcl-2.4/fitsTcl.c:478:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strBuff,"%-d",FitsOpenFiles[i].chdu);

data/tcl-fitstcl-2.4/fitsTcl.c:480:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strBuff,"%-d",FitsOpenFiles[i].hduType);

data/tcl-fitstcl-2.4/fitsTcl.c:573:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ptrStr[16];

data/tcl-fitstcl-2.4/fitsTcl.c:629:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *rangeStr, errMsg[256], *opt;

data/tcl-fitstcl-2.4/fitsTcl.c:719:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *strArg, strBuff[80];

data/tcl-fitstcl-2.4/fitsTcl.c:1105:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(thelval->str, "%I64d", ptrs.llong[0]);

data/tcl-fitstcl-2.4/fitsTcl.c:1107:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(thelval->str, "%lld", ptrs.llong[0]);

data/tcl-fitstcl-2.4/fitsTclInt.h:84:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blank[80];

data/tcl-fitstcl-2.4/fitsTclInt.h:94:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[FLEN_KEYWORD];

data/tcl-fitstcl-2.4/fitsTclInt.h:95:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[FLEN_VALUE];

data/tcl-fitstcl-2.4/fitsTclInt.h:96:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[FLEN_COMMENT];

data/tcl-fitstcl-2.4/fitsTclInt.h:102:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[FLEN_CARD];

data/tcl-fitstcl-2.4/fitsTclInt.h:115:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extname[FLEN_VALUE];

data/tcl-fitstcl-2.4/fitsUtils.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[100];

data/tcl-fitstcl-2.4/fitsUtils.c:79:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, ". (CFITSIO error status was %d)\n", status);

data/tcl-fitstcl-2.4/fitsUtils.c:228:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"No tokens found");

data/tcl-fitstcl-2.4/fitsUtils.c:250:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"Null token in range");

data/tcl-fitstcl-2.4/fitsUtils.c:329:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg,"Too many ranges, maximum is %d",maxInt);

data/tcl-fitstcl-2.4/fitsUtils.c:677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[80];

data/tcl-fitstcl-2.4/fitsUtils.c:678:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rtFormat[80];

data/tcl-fitstcl-2.4/fitsUtils.c:708:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  curFile->CHDUInfo.table.colWidth[colnum] = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:720:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:727:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  curFile->CHDUInfo.table.colWidth[colnum] = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:739:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.8G");

data/tcl-fitstcl-2.4/fitsUtils.c:741:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:742:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%u");

data/tcl-fitstcl-2.4/fitsUtils.c:747:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%u");

data/tcl-fitstcl-2.4/fitsUtils.c:750:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:765:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.8G");

data/tcl-fitstcl-2.4/fitsUtils.c:767:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:768:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%d");

data/tcl-fitstcl-2.4/fitsUtils.c:773:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%d");

data/tcl-fitstcl-2.4/fitsUtils.c:776:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi (tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:791:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.8G");

data/tcl-fitstcl-2.4/fitsUtils.c:793:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:794:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%d");

data/tcl-fitstcl-2.4/fitsUtils.c:799:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%d");

data/tcl-fitstcl-2.4/fitsUtils.c:802:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi (tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:817:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.8G");

data/tcl-fitstcl-2.4/fitsUtils.c:819:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%ld");

data/tcl-fitstcl-2.4/fitsUtils.c:827:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:828:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#.6E");

data/tcl-fitstcl-2.4/fitsUtils.c:833:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#.6E");

data/tcl-fitstcl-2.4/fitsUtils.c:837:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:850:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:851:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#.6f");

data/tcl-fitstcl-2.4/fitsUtils.c:856:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#.6f");

data/tcl-fitstcl-2.4/fitsUtils.c:859:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:873:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:874:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.12E");

data/tcl-fitstcl-2.4/fitsUtils.c:879:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat, "%%.12E");

data/tcl-fitstcl-2.4/fitsUtils.c:883:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:896:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:897:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.6G");

data/tcl-fitstcl-2.4/fitsUtils.c:902:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%.6G");

data/tcl-fitstcl-2.4/fitsUtils.c:906:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:919:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#.6G");

data/tcl-fitstcl-2.4/fitsUtils.c:926:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#.12G");

data/tcl-fitstcl-2.4/fitsUtils.c:933:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:934:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#o");

data/tcl-fitstcl-2.4/fitsUtils.c:939:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#o");

data/tcl-fitstcl-2.4/fitsUtils.c:942:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:952:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:953:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#x");

data/tcl-fitstcl-2.4/fitsUtils.c:958:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#x");

data/tcl-fitstcl-2.4/fitsUtils.c:961:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:971:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ( !isDisp || atoi(TDispKey) != 0 ) {

data/tcl-fitstcl-2.4/fitsUtils.c:972:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#u");

data/tcl-fitstcl-2.4/fitsUtils.c:977:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#u");

data/tcl-fitstcl-2.4/fitsUtils.c:980:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(rtFormat,"%%#u");

data/tcl-fitstcl-2.4/fitsUtils.c:981:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  curFile->CHDUInfo.table.colWidth[colnum] = atoi(tokenPtr);

data/tcl-fitstcl-2.4/fitsUtils.c:1409:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpStr[126];

data/tcl-fitstcl-2.4/fitsUtils.c:1423:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%I64d", *ptrs.llong);

data/tcl-fitstcl-2.4/fitsUtils.c:1425:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%lld", *ptrs.llong);

data/tcl-fitstcl-2.4/fitsUtils.c:1532:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpStr, "%f", ptrs.dbl[i]);

data/tcl-fitstcl-2.4/fvTcl.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char simple[10];

data/tcl-fitstcl-2.4/fvTcl.c:55:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( (fitsPtr = fopen(argv[1], "r")) == NULL ) {

data/tcl-fitstcl-2.4/fvTcl.c:108:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char theMaxStr[40];

data/tcl-fitstcl-2.4/fvTcl.c:162:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char theMinStr[40];

data/tcl-fitstcl-2.4/fvTcl.c:214:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idxStr[80];

data/tcl-fitstcl-2.4/fvTcl.c:232:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(idxStr, "%d", i);

data/tcl-fitstcl-2.4/fvTcl.c:255:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idxStr[80];

data/tcl-fitstcl-2.4/fvTcl.c:274:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(idxStr, "%d", i);

data/tcl-fitstcl-2.4/fvTcl.c:298:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char varIndex[80];

data/tcl-fitstcl-2.4/fvTcl.c:300:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stateVar[20];

data/tcl-fitstcl-2.4/fvTcl.c:310:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(stateVar,"_rowState");

data/tcl-fitstcl-2.4/fvTcl.c:312:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(stateVar,"_colNotchedState");

data/tcl-fitstcl-2.4/fvTcl.c:328:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex, "%d", i);

data/tcl-fitstcl-2.4/fvTcl.c:342:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex, "%d", i);

data/tcl-fitstcl-2.4/fvTcl.c:356:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(varIndex, "%d", newfirst);

data/tcl-fitstcl-2.4/fvTcl.c:369:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char index[40], valStr[40];

data/tcl-fitstcl-2.4/fvTcl.c:383:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dc_lmar = atoi(tmpStr);

data/tcl-fitstcl-2.4/fvTcl.c:391:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dc_width = atoi(tmpStr);

data/tcl-fitstcl-2.4/fvTcl.c:399:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dc_rightspace = atoi(tmpStr);

data/tcl-fitstcl-2.4/fvTcl.c:407:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  charPix = atoi(tmpStr);

data/tcl-fitstcl-2.4/fvTcl.c:415:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nCols = atoi(tmpStr);

data/tcl-fitstcl-2.4/fvTcl.c:419:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valStr, "%d", absXPos);

data/tcl-fitstcl-2.4/fvTcl.c:428:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cellPixWidth = charPix*atoi(tmpStr)+8;

data/tcl-fitstcl-2.4/fvTcl.c:430:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valStr, "%d", cellPixWidth);

data/tcl-fitstcl-2.4/fvTcl.c:434:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(index, "%d", i+1);

data/tcl-fitstcl-2.4/fvTcl.c:435:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(valStr, "%d", absXPos);

data/tcl-fitstcl-2.4/fvTcl.c:451:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char index1[80];

data/tcl-fitstcl-2.4/fvTcl.c:452:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char index2[80];

data/tcl-fitstcl-2.4/fvTcl.c:453:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char index3[80];

data/tcl-fitstcl-2.4/fvTcl.c:510:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(index2, "%d", (firstCol+i-1));

data/tcl-fitstcl-2.4/fvTcl.c:516:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(index3,"%d,%d", (firstCol+i-1), (firstRow+j-1));

data/tcl-fitstcl-2.4/fvTcl.c:526:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(index1, "%d_%d", i, showRows-j-1);

data/tcl-fitstcl-2.4/fvTcl.c:528:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(index1, "%d_%d", i, j);

data/tcl-fitstcl-2.4/fitsCmds.c:3502:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( colname[i], opt, j );

data/tcl-fitstcl-2.4/fitsCmds.c:3516:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( minname[i], opt, j );

data/tcl-fitstcl-2.4/fitsCmds.c:3532:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( maxname[i], opt, j );

data/tcl-fitstcl-2.4/fitsCmds.c:3548:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( binname[i], opt, j );

data/tcl-fitstcl-2.4/fitsCmds.c:3834:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(opt);

data/tcl-fitstcl-2.4/fitsIO.c:182:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(curFile->CHDUInfo.image.blank, " "); data/tcl-fitstcl-2.4/fitsIO.c:217:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(curFile->CHDUInfo.table.colDisp[i], " "); data/tcl-fitstcl-2.4/fitsIO.c:296:19: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(numChar, n, len); data/tcl-fitstcl-2.4/fitsIO.c:416:22: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(numChar, n, len); data/tcl-fitstcl-2.4/fitsIO.c:900:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(record, "\n"); data/tcl-fitstcl-2.4/fitsIO.c:3751:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(keyword, inCard, 8); data/tcl-fitstcl-2.4/fitsIO.c:3754:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(card, inCard, 80); data/tcl-fitstcl-2.4/fitsIO.c:3831:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(keyword, inCard, 8); data/tcl-fitstcl-2.4/fitsIO.c:4083:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4107:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4152:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4174:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4205:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4471:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4492:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4517:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4538:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4559:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4580:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4601:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4622:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4643:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4670:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4696:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:4717:12: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outputStr," "); data/tcl-fitstcl-2.4/fitsIO.c:5894:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i=0; i< strlen(axisType[row]); i++) { data/tcl-fitstcl-2.4/fitsIO.c:5985:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i=0; i< strlen(axisType[row]); i++) { data/tcl-fitstcl-2.4/fitsIO.c:6075:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for ( i=0; i< strlen(axisType[row]); i++) { data/tcl-fitstcl-2.4/fitsIO.c:6165:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i=0; i< strlen(axisType[row]); i++) { data/tcl-fitstcl-2.4/fitsIO.c:6257:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i=0; i< strlen(axisType[row]); i++) { data/tcl-fitstcl-2.4/fitsIO.c:6347:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i=0; i< strlen(axisType[row]); i++) { data/tcl-fitstcl-2.4/fitsIO.c:6544:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( status || strlen(ctype)<5 || strlen(ctemp)<5 data/tcl-fitstcl-2.4/fitsIO.c:6544:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( status || strlen(ctype)<5 || strlen(ctemp)<5 data/tcl-fitstcl-2.4/fitsIO.c:6553:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctype, &ctype[4], 4); data/tcl-fitstcl-2.4/fitsIO.c:6748:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( status || strlen(ctype)<5 || strlen(ctemp)<5 data/tcl-fitstcl-2.4/fitsIO.c:6748:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if( status || strlen(ctype)<5 || strlen(ctemp)<5 data/tcl-fitstcl-2.4/fitsIO.c:6757:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ctype, &ctype[4], 4); data/tcl-fitstcl-2.4/fitsIO.c:6875:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpPtr[0], ""); data/tcl-fitstcl-2.4/fitsIO.c:7113:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(columndata[k].strData, "\0"); data/tcl-fitstcl-2.4/fitsIO.c:7726:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). negExpr = (char*)ckalloc((strlen(expr)+15)*sizeof(char)); data/tcl-fitstcl-2.4/fitsTcl.c:324:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newFile->fileName = (char *) ckalloc(strlen(filename)+1); data/tcl-fitstcl-2.4/fitsTcl.c:331:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newFile->handleName = (char *) ckalloc( strlen(objName) + 1 ); data/tcl-fitstcl-2.4/fitsTcl.c:983:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lexpr = strlen(gParse.expr); data/tcl-fitstcl-2.4/fitsTcl.c:985:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lexpr = strlen(expr); data/tcl-fitstcl-2.4/fitsTcl.c:989:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gParse.expr + lexpr,"\n"); data/tcl-fitstcl-2.4/fitsTcl.c:1168:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( variable->name, dataName, MAXVARNAME ); data/tcl-fitstcl-2.4/fitsUtils.c:51:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( res ); data/tcl-fitstcl-2.4/fitsUtils.c:84:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buffer, "\n"); data/tcl-fitstcl-2.4/fitsUtils.c:224:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rangeCpy = (char *)ckalloc( (strlen(rangeStr)+1) * sizeof(char) ); data/tcl-fitstcl-2.4/fitsUtils.c:575:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
colTotSize += strlen(curFile->CHDUInfo.table.colName[i])+1; data/tcl-fitstcl-2.4/fitsUtils.c:583:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). colArray[i] = colArray[i-1] + strlen(colArray[i-1]) + 1; data/tcl-fitstcl-2.4/fitsUtils.c:659:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *outStr = (char *) ckalloc ( strlen(inStr) +1 ); data/tcl-fitstcl-2.4/fitsUtils.c:988:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(TDispKey) == 0) { data/tcl-fitstcl-2.4/fitsUtils.c:991:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<strlen(TDispKey); i++) data/tcl-fitstcl-2.4/fvTcl.c:64:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(simple) <= 0 ) { data/tcl-fitstcl-2.4/fvTcl.c:69:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ( (fgetc(fitsPtr) == '\n') || (fgetc(fitsPtr) == '\r') ) { data/tcl-fitstcl-2.4/fvTcl.c:69:37: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ( (fgetc(fitsPtr) == '\n') || (fgetc(fitsPtr) == '\r') ) { data/tcl-fitstcl-2.4/fvTcl.c:125:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(theMaxStr, arrayPtr[0], 39); data/tcl-fitstcl-2.4/fvTcl.c:132:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(theMaxStr, arrayPtr[j], 39); data/tcl-fitstcl-2.4/fvTcl.c:179:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(theMinStr, arrayPtr[0], 39); data/tcl-fitstcl-2.4/fvTcl.c:186:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(theMinStr, arrayPtr[j], 39); data/tcl-fitstcl-2.4/fvTcl.c:425:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(index, "0"); ANALYSIS SUMMARY: Hits = 662 Lines analyzed = 16732 in approximately 0.45 seconds (37093 lines/second) Physical Source Lines of Code (SLOC) = 12993 Hits@level = [0] 71 [1] 67 [2] 414 [3] 2 [4] 179 [5] 0 Hits@level+ = [0+] 733 [1+] 662 [2+] 595 [3+] 181 [4+] 179 [5+] 0 Hits/KSLOC@level+ = [0+] 56.415 [1+] 50.9505 [2+] 45.7939 [3+] 13.9306 [4+] 13.7766 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.