Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/therion-5.5.1ds1/extern/catch2/catch.hpp
Examining data/therion-5.5.1ds1/extern/dbfopen.c
Examining data/therion-5.5.1ds1/extern/getline.c
Examining data/therion-5.5.1ds1/extern/getline.h
Examining data/therion-5.5.1ds1/extern/getopt.c
Examining data/therion-5.5.1ds1/extern/getopt.h
Examining data/therion-5.5.1ds1/extern/getopt1.c
Examining data/therion-5.5.1ds1/extern/img.c
Examining data/therion-5.5.1ds1/extern/img.h
Examining data/therion-5.5.1ds1/extern/poly2tri/common/shapes.cc
Examining data/therion-5.5.1ds1/extern/poly2tri/common/shapes.h
Examining data/therion-5.5.1ds1/extern/poly2tri/common/utils.h
Examining data/therion-5.5.1ds1/extern/poly2tri/poly2tri.h
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/advancing_front.cc
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/advancing_front.h
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/cdt.cc
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/cdt.h
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/sweep.cc
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/sweep.h
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/sweep_context.cc
Examining data/therion-5.5.1ds1/extern/poly2tri/sweep/sweep_context.h
Examining data/therion-5.5.1ds1/extern/quickhull/ConvexHull.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/HalfEdgeMesh.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/MathUtils.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/QuickHull.cpp
Examining data/therion-5.5.1ds1/extern/quickhull/QuickHull.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Structs/Mesh.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Structs/Plane.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Structs/Pool.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Structs/Ray.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Structs/Vector3.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Structs/VertexDataSource.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Tests/QuickHullTests.cpp
Examining data/therion-5.5.1ds1/extern/quickhull/Tests/QuickHullTests.hpp
Examining data/therion-5.5.1ds1/extern/quickhull/Types.hpp
Examining data/therion-5.5.1ds1/extern/shapefil.h
Examining data/therion-5.5.1ds1/extern/shpopen.c
Examining data/therion-5.5.1ds1/loch/getline.c
Examining data/therion-5.5.1ds1/loch/getline.h
Examining data/therion-5.5.1ds1/loch/img.c
Examining data/therion-5.5.1ds1/loch/img.h
Examining data/therion-5.5.1ds1/loch/lxAboutDlg.cxx
Examining data/therion-5.5.1ds1/loch/lxAboutDlg.h
Examining data/therion-5.5.1ds1/loch/lxData.cxx
Examining data/therion-5.5.1ds1/loch/lxData.h
Examining data/therion-5.5.1ds1/loch/lxFNT10x20_bdf.h
Examining data/therion-5.5.1ds1/loch/lxFNT6x13_bdf.h
Examining data/therion-5.5.1ds1/loch/lxFNTFreeSans_ttf.h
Examining data/therion-5.5.1ds1/loch/lxFile.cxx
Examining data/therion-5.5.1ds1/loch/lxFile.h
Examining data/therion-5.5.1ds1/loch/lxGLC.cxx
Examining data/therion-5.5.1ds1/loch/lxGLC.h
Examining data/therion-5.5.1ds1/loch/lxGUI.cxx
Examining data/therion-5.5.1ds1/loch/lxGUI.h
Examining data/therion-5.5.1ds1/loch/lxImgIO.cxx
Examining data/therion-5.5.1ds1/loch/lxImgIO.h
Examining data/therion-5.5.1ds1/loch/lxLRUD.cxx
Examining data/therion-5.5.1ds1/loch/lxLRUD.h
Examining data/therion-5.5.1ds1/loch/lxMath.cxx
Examining data/therion-5.5.1ds1/loch/lxMath.h
Examining data/therion-5.5.1ds1/loch/lxOGLFT.cxx
Examining data/therion-5.5.1ds1/loch/lxOGLFT.h
Examining data/therion-5.5.1ds1/loch/lxOptDlg.cxx
Examining data/therion-5.5.1ds1/loch/lxOptDlg.h
Examining data/therion-5.5.1ds1/loch/lxPres.cxx
Examining data/therion-5.5.1ds1/loch/lxPres.h
Examining data/therion-5.5.1ds1/loch/lxR2D.c
Examining data/therion-5.5.1ds1/loch/lxR2D.h
Examining data/therion-5.5.1ds1/loch/lxR2P.h
Examining data/therion-5.5.1ds1/loch/lxRender.cxx
Examining data/therion-5.5.1ds1/loch/lxRender.h
Examining data/therion-5.5.1ds1/loch/lxSScene.cxx
Examining data/therion-5.5.1ds1/loch/lxSScene.h
Examining data/therion-5.5.1ds1/loch/lxSTree.cxx
Examining data/therion-5.5.1ds1/loch/lxSTree.h
Examining data/therion-5.5.1ds1/loch/lxSView.cxx
Examining data/therion-5.5.1ds1/loch/lxSView.h
Examining data/therion-5.5.1ds1/loch/lxSetup.cxx
Examining data/therion-5.5.1ds1/loch/lxSetup.h
Examining data/therion-5.5.1ds1/loch/lxTR.c
Examining data/therion-5.5.1ds1/loch/lxTR.h
Examining data/therion-5.5.1ds1/loch/lxWX.cxx
Examining data/therion-5.5.1ds1/loch/lxWX.h
Examining data/therion-5.5.1ds1/loch/lxR2P.c
Examining data/therion-5.5.1ds1/th2ddataobject.cxx
Examining data/therion-5.5.1ds1/th2ddataobject.h
Examining data/therion-5.5.1ds1/tharea.cxx
Examining data/therion-5.5.1ds1/tharea.h
Examining data/therion-5.5.1ds1/thattr.cxx
Examining data/therion-5.5.1ds1/thattr.h
Examining data/therion-5.5.1ds1/thbezier.cxx
Examining data/therion-5.5.1ds1/thbezier.h
Examining data/therion-5.5.1ds1/thbuffer.cxx
Examining data/therion-5.5.1ds1/thbuffer.h
Examining data/therion-5.5.1ds1/thchenc.cxx
Examining data/therion-5.5.1ds1/thchenc.h
Examining data/therion-5.5.1ds1/thcmdline.cxx
Examining data/therion-5.5.1ds1/thcmdline.h
Examining data/therion-5.5.1ds1/thcomment.cxx
Examining data/therion-5.5.1ds1/thcomment.h
Examining data/therion-5.5.1ds1/thconfig.cxx
Examining data/therion-5.5.1ds1/thconfig.h
Examining data/therion-5.5.1ds1/thconvert.cxx
Examining data/therion-5.5.1ds1/thconvert.h
Examining data/therion-5.5.1ds1/thcs.cxx
Examining data/therion-5.5.1ds1/thcs.h
Examining data/therion-5.5.1ds1/thdata.cxx
Examining data/therion-5.5.1ds1/thdata.h
Examining data/therion-5.5.1ds1/thdatabase.cxx
Examining data/therion-5.5.1ds1/thdatabase.h
Examining data/therion-5.5.1ds1/thdataleg.cxx
Examining data/therion-5.5.1ds1/thdataleg.h
Examining data/therion-5.5.1ds1/thdataobject.cxx
Examining data/therion-5.5.1ds1/thdataobject.h
Examining data/therion-5.5.1ds1/thdatareader.cxx
Examining data/therion-5.5.1ds1/thdatareader.h
Examining data/therion-5.5.1ds1/thdatastation.cxx
Examining data/therion-5.5.1ds1/thdatastation.h
Examining data/therion-5.5.1ds1/thdate.cxx
Examining data/therion-5.5.1ds1/thdate.h
Examining data/therion-5.5.1ds1/thdb1d.cxx
Examining data/therion-5.5.1ds1/thdb1d.h
Examining data/therion-5.5.1ds1/thdb2d.cxx
Examining data/therion-5.5.1ds1/thdb2d.h
Examining data/therion-5.5.1ds1/thdb2d00.cxx
Examining data/therion-5.5.1ds1/thdb2dab.cxx
Examining data/therion-5.5.1ds1/thdb2dab.h
Examining data/therion-5.5.1ds1/thdb2dcp.cxx
Examining data/therion-5.5.1ds1/thdb2dcp.h
Examining data/therion-5.5.1ds1/thdb2dji.cxx
Examining data/therion-5.5.1ds1/thdb2dji.h
Examining data/therion-5.5.1ds1/thdb2dlp.cxx
Examining data/therion-5.5.1ds1/thdb2dlp.h
Examining data/therion-5.5.1ds1/thdb2dmi.cxx
Examining data/therion-5.5.1ds1/thdb2dmi.h
Examining data/therion-5.5.1ds1/thdb2dprj.cxx
Examining data/therion-5.5.1ds1/thdb2dprj.h
Examining data/therion-5.5.1ds1/thdb2dpt.cxx
Examining data/therion-5.5.1ds1/thdb2dpt.h
Examining data/therion-5.5.1ds1/thdb2dxm.cxx
Examining data/therion-5.5.1ds1/thdb2dxm.h
Examining data/therion-5.5.1ds1/thdb2dxs.cxx
Examining data/therion-5.5.1ds1/thdb2dxs.h
Examining data/therion-5.5.1ds1/thdb3d.cxx
Examining data/therion-5.5.1ds1/thdb3d.h
Examining data/therion-5.5.1ds1/thendscrap.cxx
Examining data/therion-5.5.1ds1/thendscrap.h
Examining data/therion-5.5.1ds1/thendsurvey.cxx
Examining data/therion-5.5.1ds1/thendsurvey.h
Examining data/therion-5.5.1ds1/thepsparse.cxx
Examining data/therion-5.5.1ds1/thepsparse.h
Examining data/therion-5.5.1ds1/therion-main.cxx
Examining data/therion-5.5.1ds1/therion.cxx
Examining data/therion-5.5.1ds1/therion.h
Examining data/therion-5.5.1ds1/thexception.cxx
Examining data/therion-5.5.1ds1/thexception.h
Examining data/therion-5.5.1ds1/thexpdb.cxx
Examining data/therion-5.5.1ds1/thexpdb.h
Examining data/therion-5.5.1ds1/thexpmap.cxx
Examining data/therion-5.5.1ds1/thexpmap.h
Examining data/therion-5.5.1ds1/thexpmodel.cxx
Examining data/therion-5.5.1ds1/thexpmodel.h
Examining data/therion-5.5.1ds1/thexport.cxx
Examining data/therion-5.5.1ds1/thexport.h
Examining data/therion-5.5.1ds1/thexporter.cxx
Examining data/therion-5.5.1ds1/thexporter.h
Examining data/therion-5.5.1ds1/thexpshp.cxx
Examining data/therion-5.5.1ds1/thexpshp.h
Examining data/therion-5.5.1ds1/thexpsys.cxx
Examining data/therion-5.5.1ds1/thexpsys.h
Examining data/therion-5.5.1ds1/thexptable.cxx
Examining data/therion-5.5.1ds1/thexptable.h
Examining data/therion-5.5.1ds1/thexpuni.cxx
Examining data/therion-5.5.1ds1/thexpuni.h
Examining data/therion-5.5.1ds1/thgeomag.cxx
Examining data/therion-5.5.1ds1/thgeomag.h
Examining data/therion-5.5.1ds1/thgeomagdata.h
Examining data/therion-5.5.1ds1/thgrade.cxx
Examining data/therion-5.5.1ds1/thgrade.h
Examining data/therion-5.5.1ds1/thimport.cxx
Examining data/therion-5.5.1ds1/thimport.h
Examining data/therion-5.5.1ds1/thinfnan.cxx
Examining data/therion-5.5.1ds1/thinfnan.h
Examining data/therion-5.5.1ds1/thinit.cxx
Examining data/therion-5.5.1ds1/thinit.h
Examining data/therion-5.5.1ds1/thinput.cxx
Examining data/therion-5.5.1ds1/thinput.h
Examining data/therion-5.5.1ds1/thjoin.cxx
Examining data/therion-5.5.1ds1/thjoin.h
Examining data/therion-5.5.1ds1/thlang.cxx
Examining data/therion-5.5.1ds1/thlang.h
Examining data/therion-5.5.1ds1/thlayout.cxx
Examining data/therion-5.5.1ds1/thlayout.h
Examining data/therion-5.5.1ds1/thlayoutclr.cxx
Examining data/therion-5.5.1ds1/thlayoutclr.h
Examining data/therion-5.5.1ds1/thlayoutln.cxx
Examining data/therion-5.5.1ds1/thlayoutln.h
Examining data/therion-5.5.1ds1/thlegenddata.cxx
Examining data/therion-5.5.1ds1/thlegenddata.h
Examining data/therion-5.5.1ds1/thlibrary.cxx
Examining data/therion-5.5.1ds1/thlibrary.h
Examining data/therion-5.5.1ds1/thline.cxx
Examining data/therion-5.5.1ds1/thline.h
Examining data/therion-5.5.1ds1/thlocale.cxx
Examining data/therion-5.5.1ds1/thlocale.h
Examining data/therion-5.5.1ds1/thlogfile.cxx
Examining data/therion-5.5.1ds1/thlogfile.h
Examining data/therion-5.5.1ds1/thlookup.cxx
Examining data/therion-5.5.1ds1/thlookup.h
Examining data/therion-5.5.1ds1/thmap.cxx
Examining data/therion-5.5.1ds1/thmap.h
Examining data/therion-5.5.1ds1/thmapstat.cxx
Examining data/therion-5.5.1ds1/thmapstat.h
Examining data/therion-5.5.1ds1/thmbuffer.cxx
Examining data/therion-5.5.1ds1/thmbuffer.h
Examining data/therion-5.5.1ds1/thobjectid.cxx
Examining data/therion-5.5.1ds1/thobjectid.h
Examining data/therion-5.5.1ds1/thobjectname.cxx
Examining data/therion-5.5.1ds1/thobjectname.h
Examining data/therion-5.5.1ds1/thobjectsrc.cxx
Examining data/therion-5.5.1ds1/thobjectsrc.h
Examining data/therion-5.5.1ds1/thparse.cxx
Examining data/therion-5.5.1ds1/thparse.h
Examining data/therion-5.5.1ds1/thpdf.cxx
Examining data/therion-5.5.1ds1/thpdf.h
Examining data/therion-5.5.1ds1/thpdfdata.cxx
Examining data/therion-5.5.1ds1/thpdfdata.h
Examining data/therion-5.5.1ds1/thpdfdbg.cxx
Examining data/therion-5.5.1ds1/thpdfdbg.h
Examining data/therion-5.5.1ds1/thperson.cxx
Examining data/therion-5.5.1ds1/thperson.h
Examining data/therion-5.5.1ds1/thpic.cxx
Examining data/therion-5.5.1ds1/thpic.h
Examining data/therion-5.5.1ds1/thpoint.cxx
Examining data/therion-5.5.1ds1/thpoint.h
Examining data/therion-5.5.1ds1/thproj.cxx
Examining data/therion-5.5.1ds1/thproj.h
Examining data/therion-5.5.1ds1/thscrap.cxx
Examining data/therion-5.5.1ds1/thscrap.h
Examining data/therion-5.5.1ds1/thscrapen.cxx
Examining data/therion-5.5.1ds1/thscrapen.h
Examining data/therion-5.5.1ds1/thscrapis.cxx
Examining data/therion-5.5.1ds1/thscrapis.h
Examining data/therion-5.5.1ds1/thscraplo.cxx
Examining data/therion-5.5.1ds1/thscraplo.h
Examining data/therion-5.5.1ds1/thscraplp.cxx
Examining data/therion-5.5.1ds1/thscraplp.h
Examining data/therion-5.5.1ds1/thselector.cxx
Examining data/therion-5.5.1ds1/thselector.h
Examining data/therion-5.5.1ds1/thsketch.cxx
Examining data/therion-5.5.1ds1/thsketch.h
Examining data/therion-5.5.1ds1/thsurface.cxx
Examining data/therion-5.5.1ds1/thsurface.h
Examining data/therion-5.5.1ds1/thsurvey.cxx
Examining data/therion-5.5.1ds1/thsurvey.h
Examining data/therion-5.5.1ds1/thsvg.cxx
Examining data/therion-5.5.1ds1/thsvg.h
Examining data/therion-5.5.1ds1/thsvxctrl.cxx
Examining data/therion-5.5.1ds1/thsvxctrl.h
Examining data/therion-5.5.1ds1/thsymbolset.cxx
Examining data/therion-5.5.1ds1/thsymbolset.h
Examining data/therion-5.5.1ds1/thtexenc.cxx
Examining data/therion-5.5.1ds1/thtexfonts.cxx
Examining data/therion-5.5.1ds1/thtexfonts.h
Examining data/therion-5.5.1ds1/thtf.cxx
Examining data/therion-5.5.1ds1/thtf.h
Examining data/therion-5.5.1ds1/thtfangle.cxx
Examining data/therion-5.5.1ds1/thtfangle.h
Examining data/therion-5.5.1ds1/thtflength.cxx
Examining data/therion-5.5.1ds1/thtflength.h
Examining data/therion-5.5.1ds1/thtfpwf.cxx
Examining data/therion-5.5.1ds1/thtfpwf.h
Examining data/therion-5.5.1ds1/thtmpdir.cxx
Examining data/therion-5.5.1ds1/thtmpdir.h
Examining data/therion-5.5.1ds1/thtrans.cxx
Examining data/therion-5.5.1ds1/thtrans.h
Examining data/therion-5.5.1ds1/thwarp.cxx
Examining data/therion-5.5.1ds1/thwarp.h
Examining data/therion-5.5.1ds1/thwarpp.cxx
Examining data/therion-5.5.1ds1/thwarpp.h
Examining data/therion-5.5.1ds1/thwarppdef.h
Examining data/therion-5.5.1ds1/thwarppme.cxx
Examining data/therion-5.5.1ds1/thwarppme.h
Examining data/therion-5.5.1ds1/thwarppt.cxx
Examining data/therion-5.5.1ds1/thwarppt.h
Examining data/therion-5.5.1ds1/utest-proj.cxx
Examining data/therion-5.5.1ds1/utest-main.cxx
FINAL RESULTS:
data/therion-5.5.1ds1/extern/dbfopen.c:334:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pszBasename, pszFilename );
data/therion-5.5.1ds1/extern/dbfopen.c:344:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.dbf", pszBasename );
data/therion-5.5.1ds1/extern/dbfopen.c:351:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.DBF", pszBasename );
data/therion-5.5.1ds1/extern/dbfopen.c:524:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pszBasename, pszFilename );
data/therion-5.5.1ds1/extern/dbfopen.c:534:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.dbf", pszBasename );
data/therion-5.5.1ds1/extern/dbfopen.c:1077:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(szSField, szFormat, (int) *((double *) pValue) );
data/therion-5.5.1ds1/extern/dbfopen.c:1096:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(szSField, szFormat, *((double *) pValue) );
data/therion-5.5.1ds1/extern/img.c:200:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p + 3, tz);
data/therion-5.5.1ds1/extern/img.c:2206:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pimg->label, new_);
data/therion-5.5.1ds1/extern/img.c:2214:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pimg->label, new_);
data/therion-5.5.1ds1/extern/img.c:2221:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pimg->label, new_);
data/therion-5.5.1ds1/extern/shpopen.c:384:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pszBasename, pszLayer );
data/therion-5.5.1ds1/extern/shpopen.c:398:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shp", pszBasename );
data/therion-5.5.1ds1/extern/shpopen.c:402:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.SHP", pszBasename );
data/therion-5.5.1ds1/extern/shpopen.c:414:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shx", pszBasename );
data/therion-5.5.1ds1/extern/shpopen.c:418:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.SHX", pszBasename );
data/therion-5.5.1ds1/extern/shpopen.c:642:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pszBasename, pszLayer );
data/therion-5.5.1ds1/extern/shpopen.c:655:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shp", pszBasename );
data/therion-5.5.1ds1/extern/shpopen.c:660:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shx", pszBasename );
data/therion-5.5.1ds1/loch/lxRender.cxx:67:21: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define pngerr(err) printf(err)
data/therion-5.5.1ds1/tharea.cxx:169:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,cbl->name);
data/therion-5.5.1ds1/thattr.cxx:38:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thattr.cxx:38:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thattr.cxx:756:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(valb.get_buffer(), 127, cf->m_double_format.c_str(), ca->m_val_double);
data/therion-5.5.1ds1/thbuffer.cxx:69:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
char * thbuffer::strcpy(const char * src)
data/therion-5.5.1ds1/thbuffer.cxx:74:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return ::strcpy(this->buff, src);
data/therion-5.5.1ds1/thbuffer.cxx:78:18: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
char * thbuffer::strcat(const char * src)
data/therion-5.5.1ds1/thbuffer.cxx:83:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
return ::strcat(this->buff, src);
data/therion-5.5.1ds1/thbuffer.cxx:116:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->strcpy(src);
data/therion-5.5.1ds1/thbuffer.cxx:123:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->strcpy(srcbf.buff);
data/therion-5.5.1ds1/thbuffer.cxx:130:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->strcat(src);
data/therion-5.5.1ds1/thbuffer.h:76:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
char * strcpy(const char * src);
data/therion-5.5.1ds1/thbuffer.h:95:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
char * strcat(const char * src);
data/therion-5.5.1ds1/thchenc.cxx:39:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dest->strcpy(src);
data/therion-5.5.1ds1/thchenc.cxx:99:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dest->strcpy(src);
data/therion-5.5.1ds1/thconfig.cxx:124:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->install_path.strcpy("");
data/therion-5.5.1ds1/thconfig.cxx:175:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
tmpbf->strcpy("");
data/therion-5.5.1ds1/thconfig.cxx:454:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->search_path.strcat(";");
data/therion-5.5.1ds1/thconfig.cxx:456:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->search_path.strcat(":");
data/therion-5.5.1ds1/thconfig.cxx:458:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->search_path.strcat(this->cfg_file.get_cif_path());
data/therion-5.5.1ds1/thcs.cxx:123:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prjname, thcs_get_name(cs));
data/therion-5.5.1ds1/thdata.cxx:454:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,li->from);
data/therion-5.5.1ds1/thdata.cxx:456:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,li->to);
data/therion-5.5.1ds1/thdata.cxx:513:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,fxi->station);
data/therion-5.5.1ds1/thdata.cxx:534:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,ei->station);
data/therion-5.5.1ds1/thdata.cxx:545:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,si->station);
data/therion-5.5.1ds1/thdata.cxx:554:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,di->station);
data/therion-5.5.1ds1/thdatabase.cxx:333:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->buff_tmp.strcpy(survey_optr->name);
data/therion-5.5.1ds1/thdatabase.cxx:334:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(".");
data/therion-5.5.1ds1/thdatabase.cxx:335:28: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(this->csurveyptr->full_name);
data/therion-5.5.1ds1/thdatabase.cxx:384:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->buff_tmp.strcpy(sn);
data/therion-5.5.1ds1/thdatabase.cxx:386:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(".");
data/therion-5.5.1ds1/thdatabase.cxx:387:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(ps->full_name);
data/therion-5.5.1ds1/thdatabase.cxx:410:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->buff_tmp.strcpy(sn);
data/therion-5.5.1ds1/thdatabase.cxx:412:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(".");
data/therion-5.5.1ds1/thdatabase.cxx:413:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(ps->full_name);
data/therion-5.5.1ds1/thdatabase.cxx:619:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->buff_tmp.strcpy(divname[1]);
data/therion-5.5.1ds1/thdatabase.cxx:621:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(".");
data/therion-5.5.1ds1/thdatabase.cxx:622:22: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->buff_tmp.strcat(fathersptr->full_name);
data/therion-5.5.1ds1/thdate.cxx:41:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thdate.cxx:41:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thdb2d.cxx:3618:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/therion.cxx:69:9: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
thlog.vprintf(format, &args);
data/therion-5.5.1ds1/therion.cxx:73:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stdout, format, args);
data/therion-5.5.1ds1/therion.cxx:83:9: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
thlog.vprintf(format, &args);
data/therion-5.5.1ds1/therion.cxx:86:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/therion-5.5.1ds1/therion.h:91:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/therion.h:96:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("");\
data/therion-5.5.1ds1/therion.h:101:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/therion.h:105:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("");\
data/therion-5.5.1ds1/therion.h:119:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/therion.h:124:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("");\
data/therion-5.5.1ds1/therion.h:129:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/therion.h:133:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("");\
data/therion-5.5.1ds1/thexception.cxx:34:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/therion-5.5.1ds1/thexception.cxx:43:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(desc, 8192, format, args);
data/therion-5.5.1ds1/thexception.cxx:44:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->strcat(desc);
data/therion-5.5.1ds1/thexception.cxx:54:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
::strcpy(orig, this->buff);
data/therion-5.5.1ds1/thexception.cxx:57:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(desc, 8192, format, args);
data/therion-5.5.1ds1/thexception.cxx:58:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->strcpy(desc);
data/therion-5.5.1ds1/thexception.cxx:59:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->strcat(orig);
data/therion-5.5.1ds1/thexception.h:44:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("");\
data/therion-5.5.1ds1/thexception.h:51:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("");\
data/therion-5.5.1ds1/thexception.h:65:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/thexception.h:74:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/thexception.h:89:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/thexception.h:98:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thexc.strcpy("unknown exception");\
data/therion-5.5.1ds1/thexpmap.cxx:82:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thexpmap.cxx:82:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thexpmap.cxx:908:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/thexpmap.cxx:2089:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
tit.strcpy(thdb.db2d.get_projection_title(prj));
data/therion-5.5.1ds1/thexpmap.cxx:2227:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/thexpmap.cxx:2271:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/thexpmap.cxx:2304:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/thexpmodel.cxx:224:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
bnb.strcpy(this->outpt);
data/therion-5.5.1ds1/thexpmodel.cxx:229:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
fnmb.strcpy(title); // VG 290316: Set the filename as a cave name instead of "cave". The top-level survey name will be even better
data/therion-5.5.1ds1/thexpmodel.cxx:342:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
stnbuf.strcpy(dbp->db1d.station_vec[i].survey->get_reverse_full_name());
data/therion-5.5.1ds1/thexpmodel.cxx:343:51: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if (strlen(stnbuf.get_buffer()) > 0) stnbuf.strcat(".");
data/therion-5.5.1ds1/thexpmodel.cxx:344:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
stnbuf.strcat(dbp->db1d.station_vec[i].name);
data/therion-5.5.1ds1/thexpmodel.cxx:766:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tifn.get_buffer(), "%s.img%d.%s", fnm, imgn++, srfc->pict_type == TT_IMG_TYPE_JPEG ? "jpg" : "png");
data/therion-5.5.1ds1/thexpshp.cxx:74:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thexpshp.cxx:74:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thexpsys.cxx:40:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int retcode = system(this->cmd);
data/therion-5.5.1ds1/thexptable.cxx:402:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
bnb.strcpy(this->outpt);
data/therion-5.5.1ds1/thexpuni.cxx:45:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thexpuni.cxx:45:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thexpuni.cxx:752:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(out,DXFpre,limits.minx, limits.miny, limits.maxx, limits.maxy);
data/therion-5.5.1ds1/thinit.cxx:46:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thinit.cxx:46:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thinit.cxx:192:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
bf->strcpy(short_path_buffer.get_buffer());
data/therion-5.5.1ds1/thinit.cxx:236:15: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(tmpb.get_buffer());
data/therion-5.5.1ds1/thinit.cxx:264:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
pshort.strcpy("");
data/therion-5.5.1ds1/thinit.cxx:265:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
pfull.strcpy("");
data/therion-5.5.1ds1/thinit.cxx:275:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
pshort.strcpy(&(buff[i+1]));
data/therion-5.5.1ds1/thinit.cxx:289:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
pfull.strcpy(buff);
data/therion-5.5.1ds1/thinit.cxx:292:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
pfull.strcpy(this->ini_file.get_cif_path());
data/therion-5.5.1ds1/thinit.cxx:357:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
this->path_cavern.strcat("cavern.exe");
data/therion-5.5.1ds1/thinit.cxx:373:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(svxcom.get_buffer()) == EXIT_SUCCESS) {
data/therion-5.5.1ds1/thinit.cxx:496:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->path_cavern.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:502:30: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->path_convert.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:508:31: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->path_identify.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:512:26: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->tmp_path.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:551:35: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->tmp_remove_script.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:557:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->path_mpost.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:561:27: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->opt_mpost.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:567:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->path_pdftex.strcpy(args[1]);
data/therion-5.5.1ds1/thinit.cxx:706:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/thjoin.cxx:140:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,cbl->name);
data/therion-5.5.1ds1/thlocale.cxx:8:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thlocale.cxx:8:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thlocale.cxx:60:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(lcbuff, LCBUFFLEN, lcfmt1, length);
data/therion-5.5.1ds1/thlocale.cxx:65:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(lcbuff, LCBUFFLEN, lcfmt2, length);
data/therion-5.5.1ds1/thlogfile.cxx:85:17: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void thlogfile::vprintf(const char *format, va_list *args)
data/therion-5.5.1ds1/thlogfile.cxx:91:11: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (vfprintf(this->fileh, format, *args) < 0)
data/therion-5.5.1ds1/thlogfile.cxx:136:17: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void thlogfile::printf(const char * format, ...)
data/therion-5.5.1ds1/thlogfile.cxx:140:8: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
this->vprintf(format, &args);
data/therion-5.5.1ds1/thlogfile.h:84:8: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void vprintf(const char *format, va_list *args);
data/therion-5.5.1ds1/thlogfile.h:91:8: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void printf(const char * format, ...);
data/therion-5.5.1ds1/thmap.cxx:174:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,cbl->name);
data/therion-5.5.1ds1/thobjectname.cxx:85:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void fprintf(FILE * fh, thobjectname & ds)
data/therion-5.5.1ds1/thobjectname.cxx:109:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rv, "%s@%s", this->name, this->survey);
data/therion-5.5.1ds1/thobjectname.cxx:111:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rv, "%s", this->name);
data/therion-5.5.1ds1/thobjectname.cxx:113:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rv, "%s", this->survey);
data/therion-5.5.1ds1/thobjectname.cxx:135:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rv, "%s@%s", oname, sname);
data/therion-5.5.1ds1/thobjectname.cxx:137:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rv, "%s", oname);
data/therion-5.5.1ds1/thobjectname.cxx:139:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rv, "%s", sname);
data/therion-5.5.1ds1/thobjectname.h:96:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void fprintf(FILE * fh, thobjectname & ds);
data/therion-5.5.1ds1/thparse.cxx:139:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dword->strcpy("");
data/therion-5.5.1ds1/thparse.cxx:140:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
drest->strcpy("");
data/therion-5.5.1ds1/thparse.cxx:143:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dword->strcpy((char *)s1);
data/therion-5.5.1ds1/thparse.cxx:144:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
drest->strcpy("");
data/therion-5.5.1ds1/thparse.cxx:147:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
drest->strcpy("");
data/therion-5.5.1ds1/thparse.cxx:271:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, buf+1);
data/therion-5.5.1ds1/thparse.cxx:741:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dest->strcpy(""); // check buffer size
data/therion-5.5.1ds1/thparse.cxx:792:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
dest->strcat((char*) dstp);
data/therion-5.5.1ds1/thparse.cxx:805:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
dest->strcat(utf2tex((char*) wsrcp));
data/therion-5.5.1ds1/thparse.cxx:807:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
dest->strcat((char*) wsrcp);
data/therion-5.5.1ds1/thparse.cxx:880:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dest->strcpy(src);
data/therion-5.5.1ds1/thparse.cxx:1215:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
plb.strcpy(src);
data/therion-5.5.1ds1/thpic.cxx:133:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(ccom.get_buffer());
data/therion-5.5.1ds1/thpic.cxx:170:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(options, optfmt, args);
data/therion-5.5.1ds1/thpic.cxx:172:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpfn, "pic%04ld.%s", thpic__convert_number++, ext);
data/therion-5.5.1ds1/thpic.cxx:196:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(ccom.get_buffer());
data/therion-5.5.1ds1/thpic.cxx:280:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmpfn, "pic%04ld.%s", thpic__convert_number - 1, ext);
data/therion-5.5.1ds1/thpoint.cxx:283:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,this->station_name);
data/therion-5.5.1ds1/thpoint.cxx:285:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(outf,this->from_name);
data/therion-5.5.1ds1/thpoint.cxx:619:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->db->buff_enc.strcpy((this->tags & (TT_POINT_TAG_HEIGHT_PQ |
data/therion-5.5.1ds1/thproj.cxx:459:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
thlog.printf(cache.log().c_str());
data/therion-5.5.1ds1/thselector.cxx:385:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
projdir.strcpy("");
data/therion-5.5.1ds1/thsvxctrl.cxx:415:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(svxcom.get_buffer());
data/therion-5.5.1ds1/thsvxctrl.cxx:659:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat("\n");
data/therion-5.5.1ds1/thsvxctrl.cxx:661:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(numbuff,"%2ld> input:%ld -- %s [%ld]\n",lnum,csn,srcmi->second->name,srcmi->second->line);
data/therion-5.5.1ds1/thsvxctrl.cxx:662:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat(numbuff);
data/therion-5.5.1ds1/thsvxctrl.cxx:670:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat(numbuff);
data/therion-5.5.1ds1/thsvxctrl.cxx:674:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat(" -- ");
data/therion-5.5.1ds1/thsvxctrl.cxx:678:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat(numbuff);
data/therion-5.5.1ds1/thsvxctrl.cxx:679:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat(stp->name);
data/therion-5.5.1ds1/thsvxctrl.cxx:680:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat("@");
data/therion-5.5.1ds1/thsvxctrl.cxx:681:24: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat(stp->survey->get_full_name());
data/therion-5.5.1ds1/thsvxctrl.cxx:697:16: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
tsbuff.strcat("\n");
data/therion-5.5.1ds1/thsymbolset.cxx:1686:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
retcode = system(com.get_buffer());
data/therion-5.5.1ds1/thsymbolset.cxx:1725:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname, "%s/data.%d", thtmp.get_dir_name(),fx);
data/therion-5.5.1ds1/thsymbolset.cxx:1736:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fname, "%s/data.%d", thtmp.get_dir_name(),thsymsets_figure[sx][thsymsets_size]);
data/therion-5.5.1ds1/thtexfonts.cxx:139:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(("\"" + string(thini.get_path_otftotfm()) + "\" -e " + fname_enc +
data/therion-5.5.1ds1/thtexfonts.cxx:607:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
thtexfontsbuff.strcpy(t.c_str());
data/therion-5.5.1ds1/thtmpdir.cxx:48:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thtmpdir.cxx:48:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/therion-5.5.1ds1/thtmpdir.cxx:59:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
this->name.strcpy(".");
data/therion-5.5.1ds1/thtmpdir.cxx:86:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
dir_path.strcpy(thini.tmp_path.get_buffer());
data/therion-5.5.1ds1/thtmpdir.cxx:177:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(tmpfname.get_buffer());
data/therion-5.5.1ds1/thtmpdir.cxx:193:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(tmpfname.get_buffer());
data/therion-5.5.1ds1/thwarppme.h:39:20: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define thprintf printf
data/therion-5.5.1ds1/extern/catch2/catch.hpp:4609:1: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random(T a, T b) {
data/therion-5.5.1ds1/extern/catch2/catch.hpp:4618:1: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random(T a, T b) {
data/therion-5.5.1ds1/extern/catch2/catch.hpp:12949:18: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::srand(config.rngSeed());
data/therion-5.5.1ds1/extern/getopt.c:217:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv ();
data/therion-5.5.1ds1/extern/getopt.c:408:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
posixly_correct = getenv ("POSIXLY_CORRECT");
data/therion-5.5.1ds1/extern/getopt.c:974:1: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt (argc, argv, optstring)
data/therion-5.5.1ds1/extern/getopt.c:1004:11: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt (argc, argv, "abc:d:0123456789");
data/therion-5.5.1ds1/extern/getopt.h:108:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt (int argc, char *const *argv, const char *shortopts);
data/therion-5.5.1ds1/extern/getopt.h:110:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt ();
data/therion-5.5.1ds1/extern/getopt.h:112:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt_long (int argc, char *const *argv, const char *shortopts,
data/therion-5.5.1ds1/extern/getopt.h:124:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt ();
data/therion-5.5.1ds1/extern/getopt.h:125:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt_long ();
data/therion-5.5.1ds1/extern/getopt1.c:66:1: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt_long (argc, argv, options, long_options, opt_index)
data/therion-5.5.1ds1/extern/getopt1.c:122:11: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long (argc, argv, "abc:d:0123456789",
data/therion-5.5.1ds1/extern/img.c:162:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * old_tz = getenv("TZ");
data/therion-5.5.1ds1/thcmdline.cxx:94:10: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
oc = getopt_long (argc, argv, "dxs:l:qLvbhp:",
data/therion-5.5.1ds1/thconfig.cxx:207:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOME");
data/therion-5.5.1ds1/thconfig.cxx:212:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOMEDRIVE");
data/therion-5.5.1ds1/thconfig.cxx:215:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOMEPATH");
data/therion-5.5.1ds1/thconfig.cxx:220:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOMEDRIVE");
data/therion-5.5.1ds1/thconfig.cxx:251:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("THERION");
data/therion-5.5.1ds1/thconfig.cxx:255:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOME");
data/therion-5.5.1ds1/thconfig.cxx:260:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOMEDRIVE");
data/therion-5.5.1ds1/thconfig.cxx:263:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOMEPATH");
data/therion-5.5.1ds1/thconfig.cxx:268:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sp = getenv("HOMEDRIVE");
data/therion-5.5.1ds1/thtmpdir.cxx:91:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envtmp = getenv("TEMP");
data/therion-5.5.1ds1/thtmpdir.cxx:95:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envtmp = getenv("TMP");
data/therion-5.5.1ds1/extern/catch2/catch.hpp:2142:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeStamp[timeStampSize];
data/therion-5.5.1ds1/extern/catch2/catch.hpp:4421:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
alignas(alignof(T)) char storage[sizeof(T)];
data/therion-5.5.1ds1/extern/catch2/catch.hpp:5917:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[CATCH_CONFIG_CONSOLE_WIDTH] = {0};
data/therion-5.5.1ds1/extern/catch2/catch.hpp:7530:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/therion-5.5.1ds1/extern/catch2/catch.hpp:11364:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&i, &f, sizeof(f));
data/therion-5.5.1ds1/extern/catch2/catch.hpp:11371:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&i, &d, sizeof(d));
data/therion-5.5.1ds1/extern/catch2/catch.hpp:11895:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_buffer[L_tmpnam] = { 0 };
data/therion-5.5.1ds1/extern/catch2/catch.hpp:11982:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/therion-5.5.1ds1/extern/catch2/catch.hpp:11991:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
m_file = std::tmpfile();
data/therion-5.5.1ds1/extern/catch2/catch.hpp:12015:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100] = {};
data/therion-5.5.1ds1/extern/catch2/catch.hpp:12478:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tracker->open();
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13278:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **utf8Argv = new char *[ argc ];
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13437:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[bufferSize];
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13486:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_ofs.open( filename.c_str() );
data/therion-5.5.1ds1/extern/catch2/catch.hpp:14190:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void TrackerBase::open() {
data/therion-5.5.1ds1/extern/catch2/catch.hpp:14290:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/therion-5.5.1ds1/extern/catch2/catch.hpp:15472:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[maxDoubleSize];
data/therion-5.5.1ds1/extern/catch2/catch.hpp:15479:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
std::sprintf(buffer, "%.3f", duration);
data/therion-5.5.1ds1/extern/catch2/catch.hpp:16068:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open() {
data/therion-5.5.1ds1/extern/catch2/catch.hpp:16102:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tp.open();
data/therion-5.5.1ds1/extern/catch2/catch.hpp:16505:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeStamp[timeStampSize];
data/therion-5.5.1ds1/extern/dbfopen.c:233:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char abyHeader[XBASE_FLDHDR_SZ];
data/therion-5.5.1ds1/extern/dbfopen.c:347:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psDBF->fp = fopen( pszFullname, pszAccess );
data/therion-5.5.1ds1/extern/dbfopen.c:352:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psDBF->fp = fopen(pszFullname, pszAccess );
data/therion-5.5.1ds1/extern/dbfopen.c:460:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char abyFileHeader[32];
data/therion-5.5.1ds1/extern/dbfopen.c:540:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( pszFullname, "wb" );
data/therion-5.5.1ds1/extern/dbfopen.c:547:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( pszFullname, "rb+" );
data/therion-5.5.1ds1/extern/dbfopen.c:978:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szSField[400], szFormat[20];
data/therion-5.5.1ds1/extern/dbfopen.c:1076:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( szFormat, "%%%dd", nWidth );
data/therion-5.5.1ds1/extern/dbfopen.c:1094:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( szFormat, "%%%d.%df",
data/therion-5.5.1ds1/extern/dbfopen.c:1336:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( pabyRec, pRawTuple, psDBF->nRecordLength );
data/therion-5.5.1ds1/extern/dbfopen.c:1385:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( pReturnTuple, pabyRec, psDBF->nRecordLength );
data/therion-5.5.1ds1/extern/dbfopen.c:1405:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( newDBF->pszHeader, psDBF->pszHeader, 32 * psDBF->nFields );
data/therion-5.5.1ds1/extern/dbfopen.c:1412:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( newDBF->panFieldOffset, psDBF->panFieldOffset, sizeof(int) * psDBF->nFields );
data/therion-5.5.1ds1/extern/dbfopen.c:1414:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( newDBF->panFieldSize, psDBF->panFieldSize, sizeof(int) * psDBF->nFields );
data/therion-5.5.1ds1/extern/dbfopen.c:1416:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( newDBF->panFieldDecimals, psDBF->panFieldDecimals, sizeof(int) * psDBF->nFields );
data/therion-5.5.1ds1/extern/dbfopen.c:1418:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( newDBF->pachFieldType, psDBF->pachFieldType, sizeof(int) * psDBF->nFields );
data/therion-5.5.1ds1/extern/dbfopen.c:1480:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12], name1[12], name2[12];
data/therion-5.5.1ds1/extern/getopt.c:336:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (new_str, __getopt_nonoption_flags, nonoption_flags_max_len);
data/therion-5.5.1ds1/extern/getopt.c:448:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__getopt_nonoption_flags, orig_str, len);
data/therion-5.5.1ds1/extern/img.c:71:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
((*(X) = NULL), fopen(FNM,MODE))
data/therion-5.5.1ds1/extern/img.c:150:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, p, len);
data/therion-5.5.1ds1/extern/img.c:190:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, "TZ=", 3);
data/therion-5.5.1ds1/extern/img.c:191:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + 3, tz, len);
data/therion-5.5.1ds1/extern/img.c:199:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, "TZ=", 3);
data/therion-5.5.1ds1/extern/img.c:306:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (p) memcpy(p, str, len);
data/therion-5.5.1ds1/extern/img.c:375:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LITLEN(FILEID) + 9];
data/therion-5.5.1ds1/extern/img.c:446:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->survey, survey, len);
data/therion-5.5.1ds1/extern/img.c:915:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pimg->fh = fopen(fnm, "wb");
data/therion-5.5.1ds1/extern/img.c:958:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[256];
data/therion-5.5.1ds1/extern/img.c:974:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char codelengths[32] = {
data/therion-5.5.1ds1/extern/img.c:1010:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[12];
data/therion-5.5.1ds1/extern/img.c:1011:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 6, 9);
data/therion-5.5.1ds1/extern/img.c:1014:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 15, 9);
data/therion-5.5.1ds1/extern/img.c:1016:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 24, 8);
data/therion-5.5.1ds1/extern/img.c:1024:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[12];
data/therion-5.5.1ds1/extern/img.c:1025:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 40, 10);
data/therion-5.5.1ds1/extern/img.c:1028:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 50, 10);
data/therion-5.5.1ds1/extern/img.c:1030:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 60, 9);
data/therion-5.5.1ds1/extern/img.c:1038:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[12];
data/therion-5.5.1ds1/extern/img.c:1039:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 15, 9);
data/therion-5.5.1ds1/extern/img.c:1042:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 24, 8);
data/therion-5.5.1ds1/extern/img.c:1045:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(num, line + 32, 8);
data/therion-5.5.1ds1/extern/img.c:1840:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[7];
data/therion-5.5.1ds1/extern/img.c:2015:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label, line, len);
data/therion-5.5.1ds1/extern/img.c:2077:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label + pimg->label_len + 1, q, len - 1);
data/therion-5.5.1ds1/extern/img.c:2079:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label, q, len - 1);
data/therion-5.5.1ds1/extern/img.c:2172:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label, line, 6);
data/therion-5.5.1ds1/extern/img.c:2184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old[8], new_[8];
data/therion-5.5.1ds1/extern/img.c:2191:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(old, line, 7);
data/therion-5.5.1ds1/extern/img.c:2196:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_, line + 7, 7);
data/therion-5.5.1ds1/extern/img.c:2222:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label + 16, line, 70);
data/therion-5.5.1ds1/extern/img.c:2301:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label_buf + len, s + len, n - len + 1);
data/therion-5.5.1ds1/extern/img.c:2350:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pimg->label_buf + len, s + len, add + 1);
data/therion-5.5.1ds1/extern/quickhull/ConvexHull.hpp:169:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
objFile.open (filename);
data/therion-5.5.1ds1/extern/shpopen.c:186:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define ByteCopy( a, b, c ) memcpy( b, a, c )
data/therion-5.5.1ds1/extern/shpopen.c:399:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHP = fopen(pszFullname, pszAccess );
data/therion-5.5.1ds1/extern/shpopen.c:403:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHP = fopen(pszFullname, pszAccess );
data/therion-5.5.1ds1/extern/shpopen.c:415:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHX = fopen(pszFullname, pszAccess );
data/therion-5.5.1ds1/extern/shpopen.c:419:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHX = fopen(pszFullname, pszAccess );
data/therion-5.5.1ds1/extern/shpopen.c:482:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+36, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:486:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+44, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:490:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+52, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:494:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+60, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:498:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+68, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:502:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+76, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:506:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+84, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:510:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+92, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:533:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nOffset, pabyBuf + i * 8, 4 );
data/therion-5.5.1ds1/extern/shpopen.c:536:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nLength, pabyBuf + i * 8 + 4, 4 );
data/therion-5.5.1ds1/extern/shpopen.c:656:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpSHP = fopen(pszFullname, "wb" );
data/therion-5.5.1ds1/extern/shpopen.c:661:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpSHX = fopen(pszFullname, "wb" );
data/therion-5.5.1ds1/extern/shpopen.c:1004:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec + nRecordSize, psObject->panPartType,
data/therion-5.5.1ds1/extern/shpopen.c:1309:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &psShape->nSHPType, psSHP->pabyRec + 8, 4 );
data/therion-5.5.1ds1/extern/shpopen.c:1328:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMin), psSHP->pabyRec + 8 + 4, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1329:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMin), psSHP->pabyRec + 8 + 12, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1330:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMax), psSHP->pabyRec + 8 + 20, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1331:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMax), psSHP->pabyRec + 8 + 28, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1342:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nPoints, psSHP->pabyRec + 40 + 8, 4 );
data/therion-5.5.1ds1/extern/shpopen.c:1343:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nParts, psSHP->pabyRec + 36 + 8, 4 );
data/therion-5.5.1ds1/extern/shpopen.c:1364:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->panPartStart, psSHP->pabyRec + 44 + 8, 4 * nParts );
data/therion-5.5.1ds1/extern/shpopen.c:1377:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->panPartType, psSHP->pabyRec + nOffset, 4*nParts );
data/therion-5.5.1ds1/extern/shpopen.c:1391:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfX + i,
data/therion-5.5.1ds1/extern/shpopen.c:1395:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfY + i,
data/therion-5.5.1ds1/extern/shpopen.c:1412:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMin), psSHP->pabyRec + nOffset, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1413:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMax), psSHP->pabyRec + nOffset + 8, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1420:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfZ + i,
data/therion-5.5.1ds1/extern/shpopen.c:1436:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMin), psSHP->pabyRec + nOffset, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1437:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMax), psSHP->pabyRec + nOffset + 8, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1444:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfM + i,
data/therion-5.5.1ds1/extern/shpopen.c:1462:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nPoints, psSHP->pabyRec + 44, 4 );
data/therion-5.5.1ds1/extern/shpopen.c:1473:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfX+i, psSHP->pabyRec + 48 + 16 * i, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1474:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfY+i, psSHP->pabyRec + 48 + 16 * i + 8, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1485:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMin), psSHP->pabyRec + 8 + 4, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1486:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMin), psSHP->pabyRec + 8 + 12, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1487:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMax), psSHP->pabyRec + 8 + 20, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1488:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMax), psSHP->pabyRec + 8 + 28, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1500:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMin), psSHP->pabyRec + nOffset, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1501:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMax), psSHP->pabyRec + nOffset + 8, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1508:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfZ + i,
data/therion-5.5.1ds1/extern/shpopen.c:1524:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMin), psSHP->pabyRec + nOffset, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1525:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMax), psSHP->pabyRec + nOffset + 8, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1532:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfM + i,
data/therion-5.5.1ds1/extern/shpopen.c:1554:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfX, psSHP->pabyRec + 12, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1555:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfY, psSHP->pabyRec + 20, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1567:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfZ, psSHP->pabyRec + nOffset, 8 );
data/therion-5.5.1ds1/extern/shpopen.c:1582:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfM, psSHP->pabyRec + nOffset, 8 );
data/therion-5.5.1ds1/loch/lxData.cxx:519:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/therion-5.5.1ds1/loch/lxFile.cxx:121:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->m_data, src, size);
data/therion-5.5.1ds1/loch/lxFile.cxx:138:8: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rf = tmpfile();
data/therion-5.5.1ds1/loch/lxFile.cxx:170:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ndata, this->m_data, this->m_size);
data/therion-5.5.1ds1/loch/lxFile.cxx:193:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xf = fopen(fnm, "rb");
data/therion-5.5.1ds1/loch/lxFile.cxx:220:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(((char *)this->m_data)[this->m_size]), data, size);
data/therion-5.5.1ds1/loch/lxFile.cxx:369:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->m_file = fopen(fn,"wb");
data/therion-5.5.1ds1/loch/lxFile.cxx:377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tmpPtr, * chunkHdrPtr, chunkHdrBuffer [sizeof(chunkHdr)];
data/therion-5.5.1ds1/loch/lxFile.cxx:458:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->m_file = fopen(fn,"rb");
data/therion-5.5.1ds1/loch/lxFile.cxx:466:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tmpPtr, * chunkHdrPtr, * tmpRecsData, chunkHdrBuffer [sizeof(chunkHdr)];
data/therion-5.5.1ds1/loch/lxFile.cxx:714:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ln[1024];
data/therion-5.5.1ds1/loch/lxFile.cxx:718:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char * tok[16];
data/therion-5.5.1ds1/loch/lxFile.cxx:723:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->m_file = fopen(fn,"r");
data/therion-5.5.1ds1/loch/lxFile.cxx:729:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tok2num(v, n) v = atof((const char *)tok[n]);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strCBar[10];
data/therion-5.5.1ds1/loch/lxGLC.cxx:1250:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strCBar[0]), "%.0f ft", st->pos.z / 0.3048);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1252:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strCBar[0]), "%.0f m", st->pos.z);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1678:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strCBar[10];
data/therion-5.5.1ds1/loch/lxGLC.cxx:1683:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strCBar[0]), "%.0f ft", (clr[0] + double(t) / 10.0 * (clr[1] - clr[0])) / 0.3048);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1685:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strCBar[0]), "%.0f m", (clr[0] + double(t) / 10.0 * (clr[1] - clr[0])));
data/therion-5.5.1ds1/loch/lxGLC.cxx:1705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strLen[32];
data/therion-5.5.1ds1/loch/lxGLC.cxx:1743:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%.0f mi", sblen);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1745:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%.0f ft", sblen);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1747:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%g in", 12.0 * sblen);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1761:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%.0f km", sblen / 1000.0);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1763:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%.0f m", sblen);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1765:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%.0f mm", sblen * 1000.0);
data/therion-5.5.1ds1/loch/lxGLC.cxx:1767:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(strLen[0]),"%g mm", sblen * 1000.0);
data/therion-5.5.1ds1/loch/lxImgIO.cxx:105:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfile = fopen(filename, "wb")) == NULL) {
data/therion-5.5.1ds1/loch/lxImgIO.cxx:300:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infile = fopen(filename, "rb")) == NULL) {
data/therion-5.5.1ds1/loch/lxImgIO.cxx:385:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buffer[0], row_stride); ptr += row_stride;
data/therion-5.5.1ds1/loch/lxRender.cxx:454:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_file = fopen(m_pData->m_imgFileName.mb_str(), "w+b");
data/therion-5.5.1ds1/loch/lxRender.cxx:601:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_imgBuffRow + i * bytesPerImageRow + xOffset, // Dest
data/therion-5.5.1ds1/loch/lxRender.cxx:862:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buff[256];
data/therion-5.5.1ds1/loch/lxRender.cxx:868:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp_buff, "q\n%.4f 0 0 %.4f 0 0 cm\n/Im1 Do\nQ\n", imw, imh);
data/therion-5.5.1ds1/loch/lxRender.cxx:895:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
this->m_fileTMP = tmpfile();
data/therion-5.5.1ds1/loch/lxRender.cxx:921:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lenbuff[8];
data/therion-5.5.1ds1/thattr.cxx:263:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[20];
data/therion-5.5.1ds1/thattr.cxx:267:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(x, "%d", i);
data/therion-5.5.1ds1/thattr.cxx:311:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[64];
data/therion-5.5.1ds1/thattr.cxx:324:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b,"%ld", cvall);
data/therion-5.5.1ds1/thattr.cxx:330:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b,"%f", cvald);
data/therion-5.5.1ds1/thattr.cxx:543:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/therion-5.5.1ds1/thattr.cxx:607:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/therion-5.5.1ds1/thattr.cxx:681:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/therion-5.5.1ds1/thbezier.cxx:1457:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen("therion.bci","r");
data/therion-5.5.1ds1/thbezier.cxx:1477:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen("therion.bco","w");
data/therion-5.5.1ds1/thbuffer.cxx:52:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buff, this->buff, this->size);
data/therion-5.5.1ds1/thconfig.cxx:798:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cf = fopen(this->fname.get_buffer(),"w");
data/therion-5.5.1ds1/thconfig.cxx:890:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cf = fopen(".xtherion.dat","w");
data/therion-5.5.1ds1/thconvert.cxx:66:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/therion-5.5.1ds1/thconvert.cxx:132:18: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
I->layer = atol(tmp.c_str());
data/therion-5.5.1ds1/thconvert.cxx:137:18: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
I->level = atol(tmp.c_str());
data/therion-5.5.1ds1/thconvert.cxx:218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[10];
data/therion-5.5.1ds1/thconvert.cxx:225:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ch,"%02x",c);
data/therion-5.5.1ds1/thconvert.cxx:250:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[20],y[20];
data/therion-5.5.1ds1/thconvert.cxx:544:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(x, "%.1f", atof(lastmovex.c_str())-llx); // modify this part
data/therion-5.5.1ds1/thconvert.cxx:545:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(y, "%.1f", atof(lastmovey.c_str())-lly);
data/therion-5.5.1ds1/thconvert.cxx:561:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(x, "%.1f", atof(thstack[4].c_str())-llx); // modify this part
data/therion-5.5.1ds1/thconvert.cxx:562:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(y, "%.1f", atof(thstack[5].c_str())-lly);
data/therion-5.5.1ds1/thconvert.cxx:712:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/therion-5.5.1ds1/thconvert.cxx:815:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/therion-5.5.1ds1/thcs.cxx:57:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = atoi(&(name[5]));
data/therion-5.5.1ds1/thcs.cxx:85:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buff[20];
data/therion-5.5.1ds1/thcs.cxx:117:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char params[200];
data/therion-5.5.1ds1/thcs.cxx:118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char prjname[20];
data/therion-5.5.1ds1/thdate.h:86:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstr[thdate__bufflen]; ///< String for given date.
data/therion-5.5.1ds1/thdb1d.cxx:2014:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thprintf("%ld %s %ld: %s@%s", i, dbli->open ? "OPN" : "CLS", dbli->nlegs,
data/therion-5.5.1ds1/thdb1d.cxx:2133:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (li->open) {
data/therion-5.5.1ds1/thdb1d.cxx:2223:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (li->open) {
data/therion-5.5.1ds1/thdb1d.cxx:2568:43: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ll->next_leg == NULL) && (!li->open)) {
data/therion-5.5.1ds1/thdb1d.h:59:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open;
data/therion-5.5.1ds1/thdb2d.cxx:3482:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mpf = fopen(thtmp.get_file_name("data.mp"),"w");
data/therion-5.5.1ds1/thdb2d.cxx:3629:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
af = fopen("data.1","r");
data/therion-5.5.1ds1/thepsparse.cxx:912:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/therion-5.5.1ds1/thexpdb.cxx:137:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sqlf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpdb.cxx:435:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(fnm, "w");
data/therion-5.5.1ds1/thexpdb.cxx:470:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char first_name[MAX_LEN];
data/therion-5.5.1ds1/thexpmap.cxx:376:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char a [8];
data/therion-5.5.1ds1/thexpmap.cxx:428:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pltf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpmap.cxx:785:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pltf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpmap.cxx:880:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prevbf[11];
data/therion-5.5.1ds1/thexpmap.cxx:1238:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tf = fopen(thtmp.get_file_name("data.tex"),"w");
data/therion-5.5.1ds1/thexpmap.cxx:1257:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plf = fopen(thtmp.get_file_name("data.pl"),"w");
data/therion-5.5.1ds1/thexpmap.cxx:1261:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mpf = fopen(thtmp.get_file_name("data.mp"),"w");
data/therion-5.5.1ds1/thexpmap.cxx:1618:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ld",exps.F);
data/therion-5.5.1ds1/thexpmap.cxx:1627:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ld",exps.B);
data/therion-5.5.1ds1/thexpmap.cxx:1630:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ldbg",exps.B);
data/therion-5.5.1ds1/thexpmap.cxx:1633:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ldclip",exps.B);
data/therion-5.5.1ds1/thexpmap.cxx:1645:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ld",exps.E);
data/therion-5.5.1ds1/thexpmap.cxx:1653:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ld",exps.X);
data/therion-5.5.1ds1/thexpmap.cxx:1656:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ldbbox",exps.X);
data/therion-5.5.1ds1/thexpmap.cxx:1691:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ld",exps.B);
data/therion-5.5.1ds1/thexpmap.cxx:1694:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ldbg",exps.B);
data/therion-5.5.1ds1/thexpmap.cxx:1697:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%ldclip",exps.B);
data/therion-5.5.1ds1/thexpmap.cxx:1736:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%d",sfig);
data/therion-5.5.1ds1/thexpmap.cxx:1740:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%d",sfig);
data/therion-5.5.1ds1/thexpmap.cxx:1924:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%d",sfig); \
data/therion-5.5.1ds1/thexpmap.cxx:2094:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tf = fopen(thtmp.get_file_name("th_texts.tex"),"w");
data/therion-5.5.1ds1/thexpmodel.cxx:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[_MAX_FNAME];
data/therion-5.5.1ds1/thexpmodel.cxx:400:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char station_name[14];
data/therion-5.5.1ds1/thexpmodel.cxx:402:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pltf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpmodel.cxx:683:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pltf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpmodel.cxx:768:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
texf = fopen(tifn.get_buffer(), "wb");
data/therion-5.5.1ds1/thexpmodel.cxx:769:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xf = fopen(srfc->pict_name, "rb");
data/therion-5.5.1ds1/thexpmodel.cxx:936:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pltf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpmodel.cxx:1139:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pltf = fopen(fnm,"w");
data/therion-5.5.1ds1/thexpmodel.cxx:1880:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(fnm, "w");
data/therion-5.5.1ds1/thexpshp.cxx:92:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool thexpshpf::open()
data/therion-5.5.1ds1/thexpshp.cxx:132:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
prjf = fopen(prjname.c_str(), "w");
data/therion-5.5.1ds1/thexpshp.cxx:170:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool thexpshp::open(const char * dirname)
data/therion-5.5.1ds1/thexpshp.cxx:229:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!this->open())
data/therion-5.5.1ds1/thexpshp.cxx:515:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typefc[2];
data/therion-5.5.1ds1/thexpshp.cxx:638:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xs.open(fnm)) {
data/therion-5.5.1ds1/thexpshp.cxx:688:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xs.open(fnm)) {
data/therion-5.5.1ds1/thexpshp.h:65:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open();
data/therion-5.5.1ds1/thexpshp.h:99:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(const char * dirname);
data/therion-5.5.1ds1/thexptable.cxx:398:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[_MAX_FNAME];
data/therion-5.5.1ds1/thexpuni.cxx:452:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(fnm, "w");
data/therion-5.5.1ds1/thexpuni.cxx:638:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(fnm, "w");
data/therion-5.5.1ds1/thexpuni.cxx:730:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(fnm, "w");
data/therion-5.5.1ds1/thimport.cxx:206:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp = fopen(this->fname,"r");
data/therion-5.5.1ds1/thimport.cxx:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * args [4], * stnm, a0[32], a1[32], a2[32], a3[32];
data/therion-5.5.1ds1/thimport.cxx:513:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xb.get_buffer(), "%.16g", imgpt.x + this->calib_x);
data/therion-5.5.1ds1/thimport.cxx:514:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yb.get_buffer(), "%.16g", imgpt.y + this->calib_y);
data/therion-5.5.1ds1/thimport.cxx:515:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(zb.get_buffer(), "%.16g", imgpt.z + this->calib_z);
data/therion-5.5.1ds1/thimport.cxx:552:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
args[2] = strcpy(a2, "entrance");
data/therion-5.5.1ds1/thimport.cxx:558:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
args[2] = strcpy(a2, "not");
data/therion-5.5.1ds1/thimport.cxx:559:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
args[3] = strcpy(a3, "fixed");
data/therion-5.5.1ds1/thimport.cxx:665:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
args[0] = strcpy(a0, "nosurvey");
data/therion-5.5.1ds1/thimport.cxx:666:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
args[1] = strcpy(a1, "from");
data/therion-5.5.1ds1/thimport.cxx:667:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
args[2] = strcpy(a2, "to");
data/therion-5.5.1ds1/thinit.cxx:242:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * f = fopen(thtmp.get_file_name("pltotf.bat"),"w");
data/therion-5.5.1ds1/thinit.cxx:245:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(thtmp.get_file_name("cfftot1.bat"),"w");
data/therion-5.5.1ds1/thinit.cxx:691:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * ff = fopen(thtmp.get_file_name("fonttest.tex"),"w");
data/therion-5.5.1ds1/thinput.cxx:224:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifptr->sh.open(ifptr->name); //, ios::in | ios::nocreate
data/therion-5.5.1ds1/thinput.cxx:239:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifptr->sh.open(ifptr->name); //, ios::in | ios::nocreate
data/therion-5.5.1ds1/thlocale.cxx:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lcbuffmain [LCBUFFNUM * LCBUFFLEN];
data/therion-5.5.1ds1/thlogfile.cxx:55:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->fileh = fopen(this->get_file_name(), logfilemode);
data/therion-5.5.1ds1/thlookup.cxx:119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * tmpa[1];
data/therion-5.5.1ds1/thmbuffer.cxx:89:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buf, this->buf, this->size * sizeof(char*));
data/therion-5.5.1ds1/thparse.cxx:783:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char single[2];
data/therion-5.5.1ds1/thparse.cxx:962:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * pictf = fopen(fname, "rb");
data/therion-5.5.1ds1/thparse.cxx:966:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char picth [picths], * scan;
data/therion-5.5.1ds1/thparse.cxx:1007:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pictf = fopen(fname, "rb");
data/therion-5.5.1ds1/thparse.cxx:1155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in_buffer[3];
data/therion-5.5.1ds1/thparse.cxx:1156:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out_buffer[5];
data/therion-5.5.1ds1/thparse.cxx:1159:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(fname, "rb");
data/therion-5.5.1ds1/thpdf.cxx:119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[101],ctok[100];
data/therion-5.5.1ds1/thpdf.cxx:244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/therion-5.5.1ds1/thpdf.cxx:245:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d.%d.%d",x,y,z);
data/therion-5.5.1ds1/thpdf.cxx:489:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/therion-5.5.1ds1/thpdf.cxx:490:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",atoi(s.c_str())+offset);
data/therion-5.5.1ds1/thpdf.cxx:490:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sprintf(buf,"%d",atoi(s.c_str())+offset);
data/therion-5.5.1ds1/thpdf.cxx:497:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/therion-5.5.1ds1/thpdf.cxx:498:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%c",c+offset);
data/therion-5.5.1ds1/thpdfdbg.cxx:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[8];
data/therion-5.5.1ds1/thpdfdbg.cxx:66:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ch,"#%02x%02x%02x",int(255*r) % 256,
data/therion-5.5.1ds1/thpic.cxx:136:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp = fopen(thpic__tmp,"r");
data/therion-5.5.1ds1/thpic.cxx:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpfn[255];
data/therion-5.5.1ds1/thpic.cxx:167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char options[1024];
data/therion-5.5.1ds1/thpic.cxx:224:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(this->rgbafn,"rb");
data/therion-5.5.1ds1/thpic.cxx:268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpfn[255];
data/therion-5.5.1ds1/thpic.cxx:269:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpfn, "pic%04ld.rgba", thpic__convert_number++);
data/therion-5.5.1ds1/thpic.cxx:273:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(tmp.fname,"wb");
data/therion-5.5.1ds1/thpic.cxx:299:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char data[4], * src;
data/therion-5.5.1ds1/thpic.cxx:337:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char data[4];
data/therion-5.5.1ds1/thpic.cxx:365:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char data[4];
data/therion-5.5.1ds1/thselector.cxx:387:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(projdir.get_buffer(), "\\[%.1f\\]", prjli->pp1);
data/therion-5.5.1ds1/thsvg.cxx:126:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in_buffer[3];
data/therion-5.5.1ds1/thsvg.cxx:127:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out_buffer[4];
data/therion-5.5.1ds1/thsvxctrl.cxx:322:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->svxf = fopen(svxfn,"w");
data/therion-5.5.1ds1/thsvxctrl.cxx:669:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numbuff,"%2ld> ",lnum);
data/therion-5.5.1ds1/thsvxctrl.cxx:676:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(numbuff,"%ld : ",(csn+1));
data/therion-5.5.1ds1/thsymbolset.cxx:113:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char a [5];
data/therion-5.5.1ds1/thsymbolset.cxx:212:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char types[128],
data/therion-5.5.1ds1/thsymbolset.cxx:931:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(texb.get_buffer(),"data.%d",sfig); \
data/therion-5.5.1ds1/thsymbolset.cxx:1554:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mpf = fopen(thtmp.get_file_name("data.mp"),"w");
data/therion-5.5.1ds1/thsymbolset.cxx:1709:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[100];
data/therion-5.5.1ds1/thtexfonts.cxx:100:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fc[12];
data/therion-5.5.1ds1/thtexfonts.cxx:110:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fc,"%02d", j);
data/therion-5.5.1ds1/thtexfonts.cxx:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[10];
data/therion-5.5.1ds1/thtexfonts.cxx:263:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ch,"%o",c);
data/therion-5.5.1ds1/thtexfonts.cxx:266:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ch,"%o",c);
data/therion-5.5.1ds1/thtexfonts.cxx:277:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[10];
data/therion-5.5.1ds1/thtexfonts.cxx:281:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ch,"%02x",c);
data/therion-5.5.1ds1/thtexfonts.cxx:284:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ch,"%02x",c);
data/therion-5.5.1ds1/thtexfonts.cxx:594:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return ENC_NEW.get_uni(atoi(f_ind.c_str()),ch);
data/therion-5.5.1ds1/thtmpdir.cxx:88:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dn[16];
data/therion-5.5.1ds1/thwarpp.cxx:117:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(n2sb.get_buffer(),"%ld",ccp->st->uid);
data/therion-5.5.1ds1/thwarpp.cxx:134:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(n2sb.get_buffer(),"%ld",fuid);
data/therion-5.5.1ds1/thwarpp.cxx:135:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(n2sb2.get_buffer(),"%ld",tuid);
data/therion-5.5.1ds1/thwarpp.cxx:158:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(n2sb2.get_buffer(),"%ld",fuid);
data/therion-5.5.1ds1/thwarpp.cxx:159:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(n2sb.get_buffer(),"%ld_E_%d",fuid, ++n_extra);
data/therion-5.5.1ds1/extern/catch2/catch.hpp:3693:29: [1] (buffer) is_permutation:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return std::is_permutation(m_target.begin(), m_target.end(), vec.begin());
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13307:36: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static_cast<void>(std::getchar());
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13312:36: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static_cast<void>(std::getchar());
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13609:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return s.size() >= prefix.size() && std::equal(prefix.begin(), prefix.end(), s.begin());
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13615:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return s.size() >= suffix.size() && std::equal(suffix.rbegin(), suffix.rend(), s.rbegin());
data/therion-5.5.1ds1/extern/catch2/catch.hpp:13703:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
: StringRef( rawChars, static_cast<StringRef::size_type>(std::strlen(rawChars) ) )
data/therion-5.5.1ds1/extern/dbfopen.c:333:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszBasename = (char *) malloc(strlen(pszFilename)+5);
data/therion-5.5.1ds1/extern/dbfopen.c:335:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen(pszBasename)-1;
data/therion-5.5.1ds1/extern/dbfopen.c:343:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszFullname = (char *) malloc(strlen(pszBasename) + 5);
data/therion-5.5.1ds1/extern/dbfopen.c:523:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszBasename = (char *) malloc(strlen(pszFilename)+5);
data/therion-5.5.1ds1/extern/dbfopen.c:525:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen(pszBasename)-1;
data/therion-5.5.1ds1/extern/dbfopen.c:533:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszFullname = (char *) malloc(strlen(pszBasename) + 5);
data/therion-5.5.1ds1/extern/dbfopen.c:655:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (int) strlen(pszFieldName) < 10 )
data/therion-5.5.1ds1/extern/dbfopen.c:656:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( pszFInfo, pszFieldName, strlen(pszFieldName));
data/therion-5.5.1ds1/extern/dbfopen.c:656:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy( pszFInfo, pszFieldName, strlen(pszFieldName));
data/therion-5.5.1ds1/extern/dbfopen.c:658:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( pszFInfo, pszFieldName, 10);
data/therion-5.5.1ds1/extern/dbfopen.c:748:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( pszStringField,
data/therion-5.5.1ds1/extern/dbfopen.c:888:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(pszValue) == 0;
data/therion-5.5.1ds1/extern/dbfopen.c:942:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( pszFieldName, (char *) psDBF->pszHeader+iField*32, 11 );
data/therion-5.5.1ds1/extern/dbfopen.c:1078:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (int)strlen(szSField) > psDBF->panFieldSize[iField] )
data/therion-5.5.1ds1/extern/dbfopen.c:1084:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) (pabyRec+psDBF->panFieldOffset[iField]),
data/therion-5.5.1ds1/extern/dbfopen.c:1085:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
szSField, strlen(szSField) );
data/therion-5.5.1ds1/extern/dbfopen.c:1097:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (int) strlen(szSField) > psDBF->panFieldSize[iField] )
data/therion-5.5.1ds1/extern/dbfopen.c:1102:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) (pabyRec+psDBF->panFieldOffset[iField]),
data/therion-5.5.1ds1/extern/dbfopen.c:1103:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
szSField, strlen(szSField) );
data/therion-5.5.1ds1/extern/dbfopen.c:1114:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (int) strlen((char *) pValue) > psDBF->panFieldSize[iField] )
data/therion-5.5.1ds1/extern/dbfopen.c:1123:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen((char *) pValue);
data/therion-5.5.1ds1/extern/dbfopen.c:1126:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) (pabyRec+psDBF->panFieldOffset[iField]),
data/therion-5.5.1ds1/extern/dbfopen.c:1193:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (int)strlen((char *) pValue) > psDBF->panFieldSize[iField] )
data/therion-5.5.1ds1/extern/dbfopen.c:1199:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen((char *) pValue);
data/therion-5.5.1ds1/extern/dbfopen.c:1202:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) (pabyRec+psDBF->panFieldOffset[iField]),
data/therion-5.5.1ds1/extern/dbfopen.c:1461:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (string);
data/therion-5.5.1ds1/extern/dbfopen.c:1483:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name1, pszFieldName,11);
data/therion-5.5.1ds1/extern/dbfopen.c:1490:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name2,name,11);
data/therion-5.5.1ds1/extern/getline.c:89:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
register int c = getc (stream);
data/therion-5.5.1ds1/extern/getopt.c:241:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern int strlen (const char *);
data/therion-5.5.1ds1/extern/getopt.c:439:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = nonoption_flags_max_len = strlen (orig_str);
data/therion-5.5.1ds1/extern/getopt.c:663:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
== (unsigned int) strlen (p->name))
data/therion-5.5.1ds1/extern/getopt.c:687:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:717:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:733:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:738:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:849:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((unsigned int) (nameend - nextchar) == strlen (p->name))
data/therion-5.5.1ds1/extern/getopt.c:872:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:892:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:906:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/getopt.c:910:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/therion-5.5.1ds1/extern/img.c:76:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
# define GETC(FH) getc(FH)
data/therion-5.5.1ds1/extern/img.c:146:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q) len = (const char *)q - p; else len = strlen(p);
data/therion-5.5.1ds1/extern/img.c:186:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(old_tz) + 1;
data/therion-5.5.1ds1/extern/img.c:194:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char *)xosmalloc(strlen(tz) + 4);
data/therion-5.5.1ds1/extern/img.c:304:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/therion-5.5.1ds1/extern/img.c:436:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(survey);
data/therion-5.5.1ds1/extern/img.c:471:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fnm);
data/therion-5.5.1ds1/extern/img.c:583:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/therion-5.5.1ds1/extern/img.c:765:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t real_len = strlen(title);
data/therion-5.5.1ds1/extern/img.c:793:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pimg->title);
data/therion-5.5.1ds1/extern/img.c:939:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(title);
data/therion-5.5.1ds1/extern/img.c:1700:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pimg->label);
data/therion-5.5.1ds1/extern/img.c:1765:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q = pimg->label_buf + strlen(pimg->label_buf) - 1;
data/therion-5.5.1ds1/extern/img.c:1842:7: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (fscanf(pimg->fh, "%6s", cmd) < 1) return img_STOP;
data/therion-5.5.1ds1/extern/img.c:1941:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += strlen(pimg->label_buf + off);
data/therion-5.5.1ds1/extern/img.c:2131:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pimg->label = pimg->label_buf + strlen(pimg->label_buf);
data/therion-5.5.1ds1/extern/img.c:2164:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/therion-5.5.1ds1/extern/img.c:2284:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s + len);
data/therion-5.5.1ds1/extern/img.c:2318:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add = strlen(s + len);
data/therion-5.5.1ds1/extern/img.c:2659:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/therion-5.5.1ds1/extern/shpopen.c:383:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszBasename = (char *) malloc(strlen(pszLayer)+5);
data/therion-5.5.1ds1/extern/shpopen.c:385:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen(pszBasename)-1;
data/therion-5.5.1ds1/extern/shpopen.c:397:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszFullname = (char *) malloc(strlen(pszBasename) + 5);
data/therion-5.5.1ds1/extern/shpopen.c:641:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszBasename = (char *) malloc(strlen(pszLayer)+5);
data/therion-5.5.1ds1/extern/shpopen.c:643:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = strlen(pszBasename)-1;
data/therion-5.5.1ds1/extern/shpopen.c:654:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszFullname = (char *) malloc(strlen(pszBasename) + 5);
data/therion-5.5.1ds1/loch/getline.c:94:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
register int c = getc (stream);
data/therion-5.5.1ds1/loch/lxFile.cxx:182:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strln = strlen(str);
data/therion-5.5.1ds1/loch/lxFile.cxx:604:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = strlen((char *)str);
data/therion-5.5.1ds1/loch/lxFile.cxx:737:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * sname = new char [strlen(fn)+1];
data/therion-5.5.1ds1/loch/lxFile.cxx:740:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = (strlen(fn) - 1); x >= 0; x--) {
data/therion-5.5.1ds1/loch/lxFile.cxx:746:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = xx; (x < int(strlen(fn))) && (strcasecmp(&(fn[x]),".PLT") != 0); x++) {
data/therion-5.5.1ds1/loch/lxFile.cxx:868:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * sname = new char [strlen(fn)+1];
data/therion-5.5.1ds1/loch/lxFile.cxx:871:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = (strlen(fn) - 1); x >= 0; x--) {
data/therion-5.5.1ds1/loch/lxFile.cxx:877:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = xx; (x < int(strlen(fn))) && (strcasecmp(&(fn[x]),".PLT") != 0); x++) {
data/therion-5.5.1ds1/loch/lxGLC.cxx:1235:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (this->setup->m_stlabel_name && (strlen(st->m_name) > 0))
data/therion-5.5.1ds1/loch/lxGLC.cxx:1241:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(csurvey) > 0) {
data/therion-5.5.1ds1/loch/lxGLC.cxx:1259:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (this->setup->m_stlabel_comment && (strlen(st->m_comment) > 0)) {
data/therion-5.5.1ds1/loch/lxGLC.cxx:1803:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->GetFontNumeric()->draw(0.5 * size * this->m_indRes - 0.5 * double(strlen(strLen)) * lxFNTSW, (sbh + sbt + 1.0) * this->m_indRes, strLen);
data/therion-5.5.1ds1/loch/lxRender.cxx:869:95: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(this->m_file,"4 0 obj <<\n/Length %u\n>>\nstream\n%sendstream\nendobj\n", (unsigned)strlen(tmp_buff), tmp_buff);
data/therion-5.5.1ds1/loch/lxSTree.cxx:110:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(i->m_name) == 0) {
data/therion-5.5.1ds1/loch/lxSTree.cxx:116:146: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parents.push_back(this->m_treeControl->AppendItem(parents[(i->m_parent + add) < parents.size() ? (i->m_parent + add) : 0], wxConvUTF8.cMB2WX(strlen(i->m_title) > 0 ? i->m_title : i->m_name)));
data/therion-5.5.1ds1/th2ddataobject.cxx:174:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = strlen(src);
data/therion-5.5.1ds1/tharea.cxx:120:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subtype) > 0)
data/therion-5.5.1ds1/thattr.cxx:195:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((value != NULL) && (strlen(value) > 0)) {
data/therion-5.5.1ds1/thattr.cxx:268:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nn = name.substr(0, 10 - strlen(x));
data/therion-5.5.1ds1/thbuffer.cxx:59:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char * thbuffer::strncpy(const char * src, size_t n)
data/therion-5.5.1ds1/thbuffer.cxx:63:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
::strncpy(this->buff, src, n);
data/therion-5.5.1ds1/thbuffer.cxx:71:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srclen = strlen(src);
data/therion-5.5.1ds1/thbuffer.cxx:80:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t newlen = strlen(src) + strlen(this->buff);
data/therion-5.5.1ds1/thbuffer.cxx:80:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t newlen = strlen(src) + strlen(this->buff);
data/therion-5.5.1ds1/thbuffer.cxx:87:18: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
char * thbuffer::strncat(const char * src, size_t n)
data/therion-5.5.1ds1/thbuffer.cxx:89:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t newlen = n + 1 + strlen(this->buff);
data/therion-5.5.1ds1/thbuffer.cxx:92:12: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
return ::strncat(this->buff, src, n);
data/therion-5.5.1ds1/thbuffer.h:87:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char * strncpy(const char * src, size_t n);
data/therion-5.5.1ds1/thbuffer.h:104:10: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
char * strncat(const char * src, size_t n);
data/therion-5.5.1ds1/thchenc.cxx:43:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thchenc.cxx:103:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thconfig.cxx:226:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->install_path.get_buffer()) > 0) {
data/therion-5.5.1ds1/thconfig.cxx:239:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->install_path.get_buffer()) > 0) {
data/therion-5.5.1ds1/thconfig.cxx:274:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->install_path.get_buffer()) > 0) {
data/therion-5.5.1ds1/thconfig.cxx:287:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->install_path.get_buffer()) > 0) {
data/therion-5.5.1ds1/thcs.cxx:51:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 5) {
data/therion-5.5.1ds1/thcs.cxx:97:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(thtt_cs[ii].s) < 6)
data/therion-5.5.1ds1/thdata.cxx:2353:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) > 0) {
data/therion-5.5.1ds1/thdata.cxx:2418:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[ai]) == 0) {
data/therion-5.5.1ds1/thdata.cxx:2431:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[ai]) == 0)
data/therion-5.5.1ds1/thdata.cxx:2445:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[ai]) > 0) {
data/therion-5.5.1ds1/thdatabase.cxx:218:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(optr->name) > 0) &&
data/therion-5.5.1ds1/thdatabase.cxx:235:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optr->name) > 0) {
data/therion-5.5.1ds1/thdatabase.cxx:264:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optr->name) > 0) {
data/therion-5.5.1ds1/thdatabase.cxx:443:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ps != NULL) || ((on.survey != NULL) && (strlen(on.survey) > 0)))
data/therion-5.5.1ds1/thdataobject.cxx:202:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) == 0)
data/therion-5.5.1ds1/thdataobject.cxx:206:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) == 0)
data/therion-5.5.1ds1/thdataobject.cxx:321:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(thexc.get_buffer()) > 0)
data/therion-5.5.1ds1/thdataobject.cxx:328:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->name) > 0)
data/therion-5.5.1ds1/thdataobject.cxx:335:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->name) > 0)
data/therion-5.5.1ds1/thdataobject.cxx:538:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((name == NULL) || (strlen(name) == 0))
data/therion-5.5.1ds1/thdatareader.cxx:50:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void thdatareader::read(const char * ifname, long lnstart, long lnend, const char * spath, thdatabase * dbptr)
data/therion-5.5.1ds1/thdatareader.h:62:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(const char * ifname, long lnstart, long lnend, const char * spath, thdatabase * dbptr);
data/therion-5.5.1ds1/thdate.cxx:632:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tl -= strlen(dst);
data/therion-5.5.1ds1/thdate.cxx:633:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dst += strlen(dst);
data/therion-5.5.1ds1/thdate.cxx:671:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tl -= strlen(dst);
data/therion-5.5.1ds1/thdate.cxx:672:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dst += strlen(dst);
data/therion-5.5.1ds1/thdate.cxx:708:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tl -= strlen(dst);
data/therion-5.5.1ds1/thdate.cxx:709:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dst += strlen(dst);
data/therion-5.5.1ds1/thdate.cxx:745:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fname == NULL) || (strlen(fname) == 0))
data/therion-5.5.1ds1/thdb1d.cxx:468:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(srv->title) > 0)
data/therion-5.5.1ds1/thdb1d.cxx:2511:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int totlen = 6 - strlen(thdeflocale.format_length_units()) + 1;
data/therion-5.5.1ds1/thdb2d.cxx:1147:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(prj->index) > 0 ? ":" : "",
data/therion-5.5.1ds1/thdb2d.cxx:1148:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(prj->index) > 0 ? prj->index : "");
data/therion-5.5.1ds1/thdb2d.cxx:1173:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cm->name) > 0)
data/therion-5.5.1ds1/thdb2d.cxx:1185:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((cm->id != bm->id) && (strlen(bm->name) > 0))
data/therion-5.5.1ds1/thdb2d.cxx:1233:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prj->index) > 0) {
data/therion-5.5.1ds1/thdb2d.cxx:3519:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sn) > 0) fprintf(mpf,"@%s", sn);
data/therion-5.5.1ds1/thdb2d.cxx:3635:11: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
while ((fscanf(af,"%32s",buff) > 0) && (ti != todo.end())) {
data/therion-5.5.1ds1/thdb2d00.cxx:623:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newname) == 0)
data/therion-5.5.1ds1/thdb2d00.cxx:653:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newname) == 0)
data/therion-5.5.1ds1/thdb2d00.cxx:686:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(((thmap*)(ii->optr))->title) > 0) {
data/therion-5.5.1ds1/therion-main.cxx:172:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
thdbreader.read(srcit->fname, srcit->startln, srcit->endln,
data/therion-5.5.1ds1/therion-main.cxx:255:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(thexc.get_buffer()) == 0) {
data/therion-5.5.1ds1/therion.cxx:155:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(lngstr) > 0) {
data/therion-5.5.1ds1/therion.cxx:184:5: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getchar();
data/therion-5.5.1ds1/thexpdb.cxx:172:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CHECK_STRLEN(var,str) {if (strlen(str) > var) var = strlen(str);}
data/therion-5.5.1ds1/thexpdb.cxx:172:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CHECK_STRLEN(var,str) {if (strlen(str) > var) var = strlen(str);}
data/therion-5.5.1ds1/thexpmap.cxx:621:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnl = strlen(skit->m_pic.fname);
data/therion-5.5.1ds1/thexpmap.cxx:859:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnl = strlen(skit->m_pic.fname);
data/therion-5.5.1ds1/thexpmap.cxx:898:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(cpch = 0; cpch < strlen(cpcmd); cpch++) {
data/therion-5.5.1ds1/thexpmap.cxx:911:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(cpch = strlen(fnm); cpch > 0; cpch--) {
data/therion-5.5.1ds1/thexpmap.cxx:927:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define objname(obj) (obj)->get_name(), (strlen((obj)->fsptr->get_full_name()) > 0 ? "." : ""), (obj)->fsptr->get_full_name()
data/therion-5.5.1ds1/thexpmap.cxx:955:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pt->name) > 0) {
data/therion-5.5.1ds1/thexpmap.cxx:1017:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ln->name) > 0) {
data/therion-5.5.1ds1/thexpmap.cxx:1059:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ar->name) > 0) {
data/therion-5.5.1ds1/thexpmap.cxx:1967:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chtitle = (strlen(cmap->map->title) > 0 ? cmap->map->title : cmap->map->name);
data/therion-5.5.1ds1/thexpmap.cxx:1993:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
thdecode(& texb,TT_ISO8859_2,(strlen(cmap->map->title) > 0 ? cmap->map->title : cmap->map->name));
data/therion-5.5.1ds1/thexpmap.cxx:1996:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LAYER_ITER->second.N = (strlen(cmap->map->title) > 0 ? cmap->map->title : cmap->map->name);
data/therion-5.5.1ds1/thexpmap.cxx:2125:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((this->layout->m_lookup != NULL) && (strlen(this->layout->m_lookup->m_title) > 0)) {
data/therion-5.5.1ds1/thexpmap.cxx:2136:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->layout->doc_comment) > 0) {
data/therion-5.5.1ds1/thexpmap.cxx:2294:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(cpch = 0; cpch < strlen(cpcmd); cpch++) {
data/therion-5.5.1ds1/thexpmap.cxx:2406:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(scrap->fsptr->full_name) > 0) {
data/therion-5.5.1ds1/thexpmap.cxx:2779:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((slp->station->comment != NULL) && (strlen(slp->station->comment) > 0)) {
data/therion-5.5.1ds1/thexpmap.cxx:3001:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (out->layout->is_debug_stationnames() && (strlen(dbg_stnms.get_buffer()) > 0)) {
data/therion-5.5.1ds1/thexpmap.cxx:3175:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cmap->map->title) > 0) {
data/therion-5.5.1ds1/thexpmap.cxx:3473:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ccidx) > 0) {
data/therion-5.5.1ds1/thexpmodel.cxx:343:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(stnbuf.get_buffer()) > 0) stnbuf.strcat(".");
data/therion-5.5.1ds1/thexpmodel.cxx:443:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(station_name,dbp->db1d.station_vec[stid].name,8); \
data/therion-5.5.1ds1/thexpmodel.cxx:1911:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string cavename = ths2txt((strlen(mainsrv->title) > 0) ? mainsrv->title : mainsrv->name, layout->lang);
data/therion-5.5.1ds1/thexpmodel.cxx:2002:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(surv->name) == 0) || !(surv->is_selected()) || (surv == NULL))
data/therion-5.5.1ds1/thexpmodel.cxx:2011:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(subsurv->name) == 0) || !(subsurv->is_selected()))
data/therion-5.5.1ds1/thexpmodel.cxx:2013:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string surveyname = ths2txt((strlen(subsurv->title) > 0) ? subsurv->title : subsurv->name, layout->lang);
data/therion-5.5.1ds1/thexport.cxx:86:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[argx]) > 0) {
data/therion-5.5.1ds1/thexport.h:152:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->outpt) > strlen(extension)) { \
data/therion-5.5.1ds1/thexport.h:152:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->outpt) > strlen(extension)) { \
data/therion-5.5.1ds1/thexport.h:153:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcasecmp(&(this->outpt[strlen(this->outpt) - strlen(extension)]), extension) == 0) { \
data/therion-5.5.1ds1/thexport.h:153:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcasecmp(&(this->outpt[strlen(this->outpt) - strlen(extension)]), extension) == 0) { \
data/therion-5.5.1ds1/thexporter.cxx:63:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(system_cmd) == 0)
data/therion-5.5.1ds1/thexpshp.cxx:128:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((thcfg.outcs != TTCS_LOCAL) && (strlen(thcs_get_data(thcfg.outcs)->prjspec) > 0)) {
data/therion-5.5.1ds1/thexpshp.cxx:552:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ppt->text != NULL) && (strlen(ppt->text) > 0))
data/therion-5.5.1ds1/thexpshp.cxx:586:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pln->text != NULL) && (strlen(pln->text) > 0))
data/therion-5.5.1ds1/thexpshp.cxx:715:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((st->comment != NULL) && (strlen(st->comment) > 0))
data/therion-5.5.1ds1/thexptable.cxx:169:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->m_table.insert_attribute("Title", ths2txt((strlen(survey->title) > 0) ? survey->title : survey->name, layout->lang).c_str());
data/therion-5.5.1ds1/thexptable.cxx:315:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(srv->get_title()) > 0) {
data/therion-5.5.1ds1/thexptable.cxx:319:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(survey) == 0)
data/therion-5.5.1ds1/thexptable.cxx:340:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(st->survey->get_title()) > 0) {
data/therion-5.5.1ds1/thexptable.cxx:344:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(survey) == 0)
data/therion-5.5.1ds1/thexptable.cxx:366:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (((*oi)->get_class_id() == TT_SURVEY_CMD) && (strlen((*oi)->name) > 0)) {
data/therion-5.5.1ds1/thexptable.cxx:372:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->m_table.insert_attribute("Title", ths2txt((strlen(srv->title) > 0) ? srv->title : srv->name, layout->lang).c_str());
data/therion-5.5.1ds1/thexptable.cxx:456:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(xlabel) == 0) {
data/therion-5.5.1ds1/thexptable.cxx:476:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ylabel) == 0) {
data/therion-5.5.1ds1/thexptable.cxx:496:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(zlabel) == 0) {
data/therion-5.5.1ds1/thexpuni.cxx:489:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string cavename = ths2txt((strlen(mainsrv->title) > 0) ? mainsrv->title : mainsrv->name, layout->lang);
data/therion-5.5.1ds1/thexpuni.cxx:533:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string mapname = ths2txt((strlen(cbm->bm->title) > 0) ? cbm->bm->title : cbm->bm->name, layout->lang);
data/therion-5.5.1ds1/thimport.cxx:149:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0)
data/therion-5.5.1ds1/thimport.cxx:184:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fnm) == 0)
data/therion-5.5.1ds1/thimport.cxx:189:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thimport.cxx:195:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pp) == 0)
data/therion-5.5.1ds1/thimport.cxx:199:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thimport.cxx:213:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define check_ext(str) (strlen(this->fname) > strlen(str)) && \
data/therion-5.5.1ds1/thimport.cxx:213:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define check_ext(str) (strlen(this->fname) > strlen(str)) && \
data/therion-5.5.1ds1/thimport.cxx:214:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strcasecmp(&(this->fname[strlen(this->fname) - strlen(str)]), str) == 0)
data/therion-5.5.1ds1/thimport.cxx:214:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strcasecmp(&(this->fname[strlen(this->fname) - strlen(str)]), str) == 0)
data/therion-5.5.1ds1/thimport.cxx:350:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prevsurvey.get_buffer()) == 0) {
data/therion-5.5.1ds1/thimport.cxx:375:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prevsurvey.get_buffer()) > 0) {
data/therion-5.5.1ds1/thimport.cxx:383:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = (long)strlen(bx);
data/therion-5.5.1ds1/thimport.cxx:467:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filterl = strlen(this->filter);
data/therion-5.5.1ds1/thimport.cxx:510:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(stnm) < 1)
data/therion-5.5.1ds1/thimport.cxx:551:16: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
args[1] = strcpy(a1, "");
data/therion-5.5.1ds1/thimport.cxx:557:23: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
args[1] = strcpy(a1, "");
data/therion-5.5.1ds1/thinit.cxx:186:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = strlen(bf->get_buffer());
data/therion-5.5.1ds1/thinit.cxx:226:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(cpch = 0; cpch < strlen(cpcmd); cpch++) {
data/therion-5.5.1ds1/thinit.cxx:269:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = (long) strlen(buff);
data/therion-5.5.1ds1/thinit.cxx:282:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pshort.get_buffer()) == 0) ththrow(("invalid font name -- %s", fname))
data/therion-5.5.1ds1/thinit.cxx:291:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->ini_file.get_cif_path()) > 0) {
data/therion-5.5.1ds1/thinit.cxx:353:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathlen = strlen(this->path_cavern.get_buffer());
data/therion-5.5.1ds1/thinit.cxx:354:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int suflen = strlen("aven.exe");
data/therion-5.5.1ds1/thinit.cxx:356:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->path_cavern.get_buffer()[pathlen - strlen("aven.exe")] = 0;
data/therion-5.5.1ds1/thinit.cxx:494:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) < 1)
data/therion-5.5.1ds1/thinit.cxx:500:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) < 1)
data/therion-5.5.1ds1/thinit.cxx:506:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) < 1)
data/therion-5.5.1ds1/thinit.cxx:555:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) < 1)
data/therion-5.5.1ds1/thinit.cxx:565:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) < 1)
data/therion-5.5.1ds1/thinput.cxx:213:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ifptr_psz = strlen(ifptr->path.get_buffer());
data/therion-5.5.1ds1/thinput.cxx:373:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lnlen = (long)strlen(this->lnbuffer.get());
data/therion-5.5.1ds1/thinput.cxx:387:22: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
this->linebf.strncat(this->lnbuffer.get(), lnlen - 1);
data/therion-5.5.1ds1/thinput.cxx:390:22: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
this->linebf.strncpy(this->lnbuffer.get(), lnlen - 1);
data/therion-5.5.1ds1/thinput.cxx:397:22: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
this->linebf.strncat(this->lnbuffer.get(), lnlen);
data/therion-5.5.1ds1/thinput.cxx:399:22: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
this->linebf.strncpy(this->lnbuffer.get(), lnlen);
data/therion-5.5.1ds1/thinput.cxx:449:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lnlen = (long)strlen(idxptr);
data/therion-5.5.1ds1/thlayout.cxx:908:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) > 0)
data/therion-5.5.1ds1/thlayout.cxx:933:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:942:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:951:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:960:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:969:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:979:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:985:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) > 0) {
data/therion-5.5.1ds1/thlayout.cxx:1572:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pl = strlen(pp);
data/therion-5.5.1ds1/thlayout.cxx:1590:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thlayout.cxx:1800:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((this->def_doc_comment > 0) && (strlen(this->doc_comment) > 0) && (srcl->def_doc_comment > 0)) {
data/therion-5.5.1ds1/thlayout.cxx:2083:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->doc_title) > 0)
data/therion-5.5.1ds1/thlayout.cxx:2085:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->doc_comment) > 0)
data/therion-5.5.1ds1/thlayout.cxx:2087:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->doc_author) > 0)
data/therion-5.5.1ds1/thlayout.cxx:2089:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->doc_subject) > 0)
data/therion-5.5.1ds1/thlayout.cxx:2091:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->doc_keywords) > 0)
data/therion-5.5.1ds1/thlayout.cxx:2138:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(this->m_fn) > 0);
data/therion-5.5.1ds1/thlayout.cxx:2163:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[3]) == 0)
data/therion-5.5.1ds1/thline.cxx:125:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subtype) > 0)
data/therion-5.5.1ds1/thline.cxx:1397:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ss) > 0)
data/therion-5.5.1ds1/thlogfile.cxx:99:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t fnl = strlen(fname);
data/therion-5.5.1ds1/thlookup.cxx:141:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) > 0) {
data/therion-5.5.1ds1/thlookup.cxx:179:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((mbf.get_size() > 0) && (strlen(mbf.get_buffer()[0]) > 0)) {
data/therion-5.5.1ds1/thlookup.cxx:224:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((mbf.get_size() > 1) && (strlen(mbf.get_buffer()[1]) > 0)) {
data/therion-5.5.1ds1/thlookup.cxx:228:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((mbf.get_size() > 2) && (strlen(mbf.get_buffer()[2]) > 0)) {
data/therion-5.5.1ds1/thlookup.cxx:248:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tr->m_ref == NULL) && (strlen(tr->m_valueString) > 0)) {
data/therion-5.5.1ds1/thlookup.cxx:296:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tli->m_valueString) == 0) {
data/therion-5.5.1ds1/thlookup.cxx:310:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tli->m_valueString) == 0) {
data/therion-5.5.1ds1/thlookup.cxx:414:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tli->m_label) > 0) {
data/therion-5.5.1ds1/thlookup.cxx:425:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(title) == 0)
data/therion-5.5.1ds1/thmbuffer.cxx:80:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
dest = strncpy(this->free_ptr, src, n);
data/therion-5.5.1ds1/thmbuffer.cxx:101:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return this->appendn(src, strlen(src));
data/therion-5.5.1ds1/thobjectname.cxx:66:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t snl = strlen(src), sni;
data/therion-5.5.1ds1/thobjectname.cxx:103:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = (this->name != NULL ? strlen(this->name) : 0);
data/therion-5.5.1ds1/thobjectname.cxx:104:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = (this->survey != NULL ? strlen(this->survey) : 0);
data/therion-5.5.1ds1/thobjectname.cxx:129:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = (oname != NULL ? strlen(oname) : 0);
data/therion-5.5.1ds1/thobjectname.cxx:130:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = (sname != NULL ? strlen(sname) : 0);
data/therion-5.5.1ds1/thobjectname.cxx:144:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tx = strlen(rv);
data/therion-5.5.1ds1/thobjectsrc.cxx:33:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(this->name) > 0);
data/therion-5.5.1ds1/thparse.cxx:106:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long srcl = strlen(src),
data/therion-5.5.1ds1/thparse.cxx:123:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
dword->strncpy((char *)s1, idx - idx0);
data/therion-5.5.1ds1/thparse.cxx:156:14: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
drest->strncpy((char *) s1, idx - idx0 + 1);
data/therion-5.5.1ds1/thparse.cxx:164:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long srcl = strlen(src),
data/therion-5.5.1ds1/thparse.cxx:197:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long srcl = strlen(src),
data/therion-5.5.1ds1/thparse.cxx:229:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long srcl = strlen(src),
data/therion-5.5.1ds1/thparse.cxx:267:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long bl = strlen(buf),
data/therion-5.5.1ds1/thparse.cxx:282:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long srcl = strlen(src),
data/therion-5.5.1ds1/thparse.cxx:384:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long len = strlen(src);
data/therion-5.5.1ds1/thparse.cxx:390:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
dest->strncpy(src, len);
data/therion-5.5.1ds1/thparse.cxx:396:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sl = strlen(str), i;
data/therion-5.5.1ds1/thparse.cxx:415:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sl = strlen(str), i;
data/therion-5.5.1ds1/thparse.cxx:433:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sl = strlen(str), i;
data/therion-5.5.1ds1/thparse.cxx:448:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sl = strlen(str), i;
data/therion-5.5.1ds1/thparse.cxx:467:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sl = strlen(str), i;
data/therion-5.5.1ds1/thparse.cxx:567:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thparse.cxx:617:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thparse.cxx:653:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thparse.cxx:693:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thparse.cxx:739:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0, tmpl;
data/therion-5.5.1ds1/thparse.cxx:822:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx = 0;
data/therion-5.5.1ds1/thparse.cxx:861:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srcln = strlen(src), srcx;
data/therion-5.5.1ds1/thparse.cxx:1011:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(getc(pictf) == 255) {
data/therion-5.5.1ds1/thparse.cxx:1012:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
marker = getc(pictf);
data/therion-5.5.1ds1/thparse.cxx:1013:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = 256 * (size_t) getc(pictf) + (size_t) getc(pictf);
data/therion-5.5.1ds1/thparse.cxx:1013:53: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = 256 * (size_t) getc(pictf) + (size_t) getc(pictf);
data/therion-5.5.1ds1/thparse.cxx:1015:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pictf);
data/therion-5.5.1ds1/thparse.cxx:1016:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
height = thround(double(getc(pictf)) * 256.0 + double(getc(pictf)));
data/therion-5.5.1ds1/thparse.cxx:1016:65: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
height = thround(double(getc(pictf)) * 256.0 + double(getc(pictf)));
data/therion-5.5.1ds1/thparse.cxx:1017:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
width = thround(double(getc(pictf)) * 256.0 + double(getc(pictf)));
data/therion-5.5.1ds1/thparse.cxx:1017:64: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
width = thround(double(getc(pictf)) * 256.0 + double(getc(pictf)));
data/therion-5.5.1ds1/thparse.cxx:1129:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sx, dx, sl = strlen(src);
data/therion-5.5.1ds1/thparse.cxx:1190:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ((strlen(fname) > 3) && (fname[1] == ':'));
data/therion-5.5.1ds1/thparse.cxx:1192:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ((strlen(fname) > 2) && (fname[0] == '/'));
data/therion-5.5.1ds1/thparse.cxx:1210:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strl = strlen(src);
data/therion-5.5.1ds1/thperson.cxx:61:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sln = strlen(str), idx;
data/therion-5.5.1ds1/thpic.cxx:77:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pfname) == 0)
data/therion-5.5.1ds1/thpic.cxx:84:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thpic.cxx:90:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pp) == 0)
data/therion-5.5.1ds1/thpic.cxx:94:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thpic.cxx:107:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isspc = (strcspn(thini.get_path_identify()," \t") < strlen(thini.get_path_identify()));
data/therion-5.5.1ds1/thpic.cxx:117:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isspc = (strcspn(this->fname," \t") < strlen(this->fname));
data/therion-5.5.1ds1/thpic.cxx:124:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isspc = (strcspn(thpic__tmp," \t") < strlen(thpic__tmp));
data/therion-5.5.1ds1/thpic.cxx:173:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isspc = (strcspn(thini.get_path_convert()," \t") < strlen(thini.get_path_convert()));
data/therion-5.5.1ds1/thpic.cxx:182:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isspc = (strcspn(this->fname," \t") < strlen(this->fname));
data/therion-5.5.1ds1/thpic.cxx:189:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isspc = (strcspn(tmpf," \t") < strlen(tmpf));
data/therion-5.5.1ds1/thpic.cxx:200:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(ccom);
data/therion-5.5.1ds1/thpoint.cxx:152:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subtype) > 0)
data/therion-5.5.1ds1/thpoint.cxx:516:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pst != NULL) && (pst->comment != NULL) && (strlen(pst->comment) > 0)) {
data/therion-5.5.1ds1/thpoint.cxx:755:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((this->text != NULL) && (strlen(this->text) > 0)) {
data/therion-5.5.1ds1/thpoint.cxx:1005:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ss) > 0)
data/therion-5.5.1ds1/thpoint.cxx:1035:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) > 0) {
data/therion-5.5.1ds1/thpoint.cxx:1050:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t strl = strlen(str);
data/therion-5.5.1ds1/thpoint.cxx:1059:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str)) {
data/therion-5.5.1ds1/thscrapis.cxx:1203:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->m_scrap->fsptr->full_name) > 0) {
data/therion-5.5.1ds1/thscrapis.cxx:1241:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->m_scrap->fsptr->full_name) > 0) {
data/therion-5.5.1ds1/thselector.cxx:85:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*args) == 0)
data/therion-5.5.1ds1/thselector.cxx:186:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l1 = strlen(this->n1);
data/therion-5.5.1ds1/thselector.cxx:187:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l2 = strlen(ii.n1);
data/therion-5.5.1ds1/thselector.cxx:238:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ss->get_title()) > 0) {
data/therion-5.5.1ds1/thselector.cxx:346:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(cf," %s %s%s%s",optr->get_name(),optr->get_name(), (strlen(optr->fsptr->full_name) > 0 ? "@" : ""), optr->fsptr->full_name);
data/therion-5.5.1ds1/thselector.cxx:347:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optr->get_title()) > 0) {
data/therion-5.5.1ds1/thselector.cxx:390:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prjli->index) > 0)
data/therion-5.5.1ds1/thselector.cxx:501:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((nsrv == NULL) && ((strlen(nobj) == 0) || (strcmp(nobj,"*") == 0))) {
data/therion-5.5.1ds1/thsurface.cxx:227:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[0]) == 0)
data/therion-5.5.1ds1/thsurface.cxx:232:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thsurface.cxx:238:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pp) == 0)
data/therion-5.5.1ds1/thsurface.cxx:242:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = (long)strlen(pp); i >= 0; i--) {
data/therion-5.5.1ds1/thsurvey.cxx:322:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t fnln = strlen(this->full_name), i1, i2, si; //, ei;
data/therion-5.5.1ds1/thsvg.cxx:136:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fin.read(in_buffer, 3);
data/therion-5.5.1ds1/thsvxctrl.cxx:597:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nchs = strlen(chch);
data/therion-5.5.1ds1/thsymbolset.cxx:204:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define sgroup(MP) if (strlen(subtypes) == 0) { \
data/therion-5.5.1ds1/thsymbolset.cxx:216:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ci = 0, slen = (int)strlen(symbol);
data/therion-5.5.1ds1/thsymbolset.cxx:219:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&(types[0]),symbol,ci);
data/therion-5.5.1ds1/thsymbolset.cxx:221:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&(subtypes[0]),&(symbol[ci+1]),127);
data/therion-5.5.1ds1/thsymbolset.cxx:223:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&(types[0]),symbol,127);
data/therion-5.5.1ds1/thsymbolset.cxx:230:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subtypes) > 0)
data/therion-5.5.1ds1/thsymbolset.cxx:237:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subtypes) > 0)
data/therion-5.5.1ds1/thsymbolset.cxx:244:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subtypes) > 0)
data/therion-5.5.1ds1/thsymbolset.cxx:353:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((type == TT_POINT_TYPE_UNKNOWN) && (strlen(subtypes) == 0)) {
data/therion-5.5.1ds1/thsymbolset.cxx:359:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((type == TT_POINT_TYPE_UNKNOWN) && (strlen(subtypes) > 0)) {
data/therion-5.5.1ds1/thsymbolset.cxx:927:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (((mid == 0) || (isused(mid))) && (strlen(txt) > 0)) {\
data/therion-5.5.1ds1/thsymbolset.cxx:1522:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(thT(udef_desc.c_str(), layout->lang)) > 0) {
data/therion-5.5.1ds1/thtmpdir.cxx:85:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(thini.tmp_path.get_buffer()) > 0) {
data/therion-5.5.1ds1/thtmpdir.cxx:172:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(this->tmp_remove_script.get_buffer()) > 0) {
data/therion-5.5.1ds1/thwarp.cxx:130:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnl = strlen(sketch->m_pic.fname);
data/therion-5.5.1ds1/thwarpp.cxx:88:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnl = strlen(sketch->m_pic.fname);
ANALYSIS SUMMARY:
Hits = 901
Lines analyzed = 239312 in approximately 13.24 seconds (18072 lines/second)
Physical Source Lines of Code (SLOC) = 199486
Hits@level = [0] 1291 [1] 361 [2] 321 [3] 27 [4] 192 [5] 0
Hits@level+ = [0+] 2192 [1+] 901 [2+] 540 [3+] 219 [4+] 192 [5+] 0
Hits/KSLOC@level+ = [0+] 10.9882 [1+] 4.51661 [2+] 2.70696 [3+] 1.09782 [4+] 0.962474 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.