Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tinymux-2.10.1.14/src/move.cpp
Examining data/tinymux-2.10.1.14/src/muxcli.h
Examining data/tinymux-2.10.1.14/src/vattr.h
Examining data/tinymux-2.10.1.14/src/alloc.h
Examining data/tinymux-2.10.1.14/src/powers.h
Examining data/tinymux-2.10.1.14/src/slave.cpp
Examining data/tinymux-2.10.1.14/src/unparse.cpp
Examining data/tinymux-2.10.1.14/src/stringutil.cpp
Examining data/tinymux-2.10.1.14/src/timeutil.cpp
Examining data/tinymux-2.10.1.14/src/match.cpp
Examining data/tinymux-2.10.1.14/src/libmux.cpp
Examining data/tinymux-2.10.1.14/src/predicates.cpp
Examining data/tinymux-2.10.1.14/src/look.cpp
Examining data/tinymux-2.10.1.14/src/conf.cpp
Examining data/tinymux-2.10.1.14/src/set.cpp
Examining data/tinymux-2.10.1.14/src/alarm.cpp
Examining data/tinymux-2.10.1.14/src/wild.cpp
Examining data/tinymux-2.10.1.14/src/svdrand.h
Examining data/tinymux-2.10.1.14/src/modules.cpp
Examining data/tinymux-2.10.1.14/src/comsys.cpp
Examining data/tinymux-2.10.1.14/src/vattr.cpp
Examining data/tinymux-2.10.1.14/src/help.cpp
Examining data/tinymux-2.10.1.14/src/game.cpp
Examining data/tinymux-2.10.1.14/src/externs.h
Examining data/tinymux-2.10.1.14/src/speech.cpp
Examining data/tinymux-2.10.1.14/src/mail.h
Examining data/tinymux-2.10.1.14/src/log.cpp
Examining data/tinymux-2.10.1.14/src/htab.cpp
Examining data/tinymux-2.10.1.14/src/modules.h
Examining data/tinymux-2.10.1.14/src/pcre.cpp
Examining data/tinymux-2.10.1.14/src/sha1.h
Examining data/tinymux-2.10.1.14/src/db_rw.cpp
Examining data/tinymux-2.10.1.14/src/mathutil.cpp
Examining data/tinymux-2.10.1.14/src/db.cpp
Examining data/tinymux-2.10.1.14/src/mguests.h
Examining data/tinymux-2.10.1.14/src/bsd.cpp
Examining data/tinymux-2.10.1.14/src/player.cpp
Examining data/tinymux-2.10.1.14/src/htab.h
Examining data/tinymux-2.10.1.14/src/plusemail.cpp
Examining data/tinymux-2.10.1.14/src/misc.h
Examining data/tinymux-2.10.1.14/src/copyright.h
Examining data/tinymux-2.10.1.14/src/svdrand.cpp
Examining data/tinymux-2.10.1.14/src/help.h
Examining data/tinymux-2.10.1.14/src/slave.h
Examining data/tinymux-2.10.1.14/src/utf8tables.h
Examining data/tinymux-2.10.1.14/src/command.cpp
Examining data/tinymux-2.10.1.14/src/flags.cpp
Examining data/tinymux-2.10.1.14/src/quota.cpp
Examining data/tinymux-2.10.1.14/src/_build.cpp
Examining data/tinymux-2.10.1.14/src/cque.cpp
Examining data/tinymux-2.10.1.14/src/powers.cpp
Examining data/tinymux-2.10.1.14/src/muxcli.cpp
Examining data/tinymux-2.10.1.14/src/sha1.cpp
Examining data/tinymux-2.10.1.14/src/walkdb.cpp
Examining data/tinymux-2.10.1.14/src/rob.cpp
Examining data/tinymux-2.10.1.14/src/levels.h
Examining data/tinymux-2.10.1.14/src/object.cpp
Examining data/tinymux-2.10.1.14/src/levels.cpp
Examining data/tinymux-2.10.1.14/src/timedelta.cpp
Examining data/tinymux-2.10.1.14/src/mudconf.h
Examining data/tinymux-2.10.1.14/src/timeabsolute.cpp
Examining data/tinymux-2.10.1.14/src/comsys.h
Examining data/tinymux-2.10.1.14/src/funceval.cpp
Examining data/tinymux-2.10.1.14/src/netcommon.cpp
Examining data/tinymux-2.10.1.14/src/attrcache.cpp
Examining data/tinymux-2.10.1.14/src/eval.cpp
Examining data/tinymux-2.10.1.14/src/stubslave.cpp
Examining data/tinymux-2.10.1.14/src/mail.cpp
Examining data/tinymux-2.10.1.14/src/funceval2.cpp
Examining data/tinymux-2.10.1.14/src/boolexp.cpp
Examining data/tinymux-2.10.1.14/src/strtod.cpp
Examining data/tinymux-2.10.1.14/src/file_c.h
Examining data/tinymux-2.10.1.14/src/tools/announce.c
Examining data/tinymux-2.10.1.14/src/ansi.h
Examining data/tinymux-2.10.1.14/src/libmux.h
Examining data/tinymux-2.10.1.14/src/timeutil.h
Examining data/tinymux-2.10.1.14/src/funmath.h
Examining data/tinymux-2.10.1.14/src/utf8tables.cpp
Examining data/tinymux-2.10.1.14/src/functions.h
Examining data/tinymux-2.10.1.14/src/stringutil.h
Examining data/tinymux-2.10.1.14/src/version.cpp
Examining data/tinymux-2.10.1.14/src/unsplit.cpp
Examining data/tinymux-2.10.1.14/src/db.h
Examining data/tinymux-2.10.1.14/src/interface.h
Examining data/tinymux-2.10.1.14/src/timezone.cpp
Examining data/tinymux-2.10.1.14/src/funmath.cpp
Examining data/tinymux-2.10.1.14/src/alloc.cpp
Examining data/tinymux-2.10.1.14/src/timer.cpp
Examining data/tinymux-2.10.1.14/src/attrcache.h
Examining data/tinymux-2.10.1.14/src/player_c.cpp
Examining data/tinymux-2.10.1.14/src/mathutil.h
Examining data/tinymux-2.10.1.14/src/match.h
Examining data/tinymux-2.10.1.14/src/command.h
Examining data/tinymux-2.10.1.14/src/mguests.cpp
Examining data/tinymux-2.10.1.14/src/config.h
Examining data/tinymux-2.10.1.14/src/local.cpp
Examining data/tinymux-2.10.1.14/src/timeparser.cpp
Examining data/tinymux-2.10.1.14/src/flags.h
Examining data/tinymux-2.10.1.14/src/svdhash.cpp
Examining data/tinymux-2.10.1.14/src/modules/sqlslave.cpp
Examining data/tinymux-2.10.1.14/src/modules/sample.cpp
Examining data/tinymux-2.10.1.14/src/modules/sum.h
Examining data/tinymux-2.10.1.14/src/modules/sql.h
Examining data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp
Examining data/tinymux-2.10.1.14/src/modules/sample.h
Examining data/tinymux-2.10.1.14/src/modules/sum.cpp
Examining data/tinymux-2.10.1.14/src/wiz.cpp
Examining data/tinymux-2.10.1.14/src/_build.h
Examining data/tinymux-2.10.1.14/src/create.cpp
Examining data/tinymux-2.10.1.14/src/svdhash.h
Examining data/tinymux-2.10.1.14/src/functions.cpp
Examining data/tinymux-2.10.1.14/src/file_c.cpp
Examining data/tinymux-2.10.1.14/src/attrs.h
Examining data/tinymux-2.10.1.14/src/pcre.h
FINAL RESULTS:
data/tinymux-2.10.1.14/src/bsd.cpp:503:9: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("bin/stubslave", "stubslave", (char *)NULL);
data/tinymux-2.10.1.14/src/bsd.cpp:717:9: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("bin/slave", "slave", (char *)NULL);
data/tinymux-2.10.1.14/src/bsd.cpp:792:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf((char *)buf, "%s %s", host_address, host_name) != 2)
data/tinymux-2.10.1.14/src/bsd.cpp:4814:13: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("bin/netmux", mudconf.mud_name, "-c", mudconf.config_file, "-p", mudconf.pid_file, "-e", mudconf.log_dir, (char *)NULL);
data/tinymux-2.10.1.14/src/bsd.cpp:4816:13: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("bin/netmux", "netmux", "-c", mudconf.config_file, "-p", mudconf.pid_file, "-e", mudconf.log_dir, (char *)NULL);
data/tinymux-2.10.1.14/src/comsys.cpp:3137:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/tinymux-2.10.1.14/src/comsys.cpp:3141:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ch->type |= access;
data/tinymux-2.10.1.14/src/comsys.cpp:3146:34: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ch->type &= ~access;
data/tinymux-2.10.1.14/src/comsys.cpp:3173:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/tinymux-2.10.1.14/src/comsys.cpp:3177:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ch->type |= access;
data/tinymux-2.10.1.14/src/comsys.cpp:3182:34: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ch->type &= ~access;
data/tinymux-2.10.1.14/src/comsys.cpp:3198:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int access;
data/tinymux-2.10.1.14/src/comsys.cpp:3207:29: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return ( (chan->type & access) != 0
data/tinymux-2.10.1.14/src/comsys.cpp:3218:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int access;
data/tinymux-2.10.1.14/src/comsys.cpp:3227:29: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return ( (chan->type & access) != 0
data/tinymux-2.10.1.14/src/comsys.cpp:3239:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int access;
data/tinymux-2.10.1.14/src/comsys.cpp:3248:29: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return ( (chan->type & access) != 0
data/tinymux-2.10.1.14/src/config.h:266:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int fprintf(FILE *, const char *, ...);
data/tinymux-2.10.1.14/src/config.h:267:15: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int printf(const char *, ...);
data/tinymux-2.10.1.14/src/config.h:268:15: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
extern int sscanf(const char *, const char *, ...);
data/tinymux-2.10.1.14/src/config.h:425:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define popen _popen
data/tinymux-2.10.1.14/src/externs.h:105:18: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
extern "C" char *crypt(const char *inptr, const char *inkey);
data/tinymux-2.10.1.14/src/functions.cpp:5161:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat((char *)levelbuff, (char *)mudconf.reality_level[i].name);
data/tinymux-2.10.1.14/src/functions.cpp:5194:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat((char *)levelbuff, (char *)mudconf.reality_level[i].name);
data/tinymux-2.10.1.14/src/game.cpp:1484:13: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
f = popen((char *)tprintf(T("%s > %s"), mudconf.compress, tmpfile), POPEN_WRITE_OP);
data/tinymux-2.10.1.14/src/game.cpp:1838:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
f = popen((char *)tprintf(T(" %s < %s"), mudconf.uncompress, infile), POPEN_READ_OP);
data/tinymux-2.10.1.14/src/player.cpp:621:24: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return (UTF8 *)crypt((char *)szPassword, (char *)szSetting);
data/tinymux-2.10.1.14/src/predicates.cpp:1631:5: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("bin/netmux", mudconf.mud_name, "-c", mudconf.config_file, "-p",
data/tinymux-2.10.1.14/src/predicates.cpp:1634:5: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("bin/netmux", "netmux", "-c", mudconf.config_file, "-p",
data/tinymux-2.10.1.14/src/predicates.cpp:1686:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system((char *)tprintf(T("./_backupflat.sh %s.FLAT 1>&2"), mudconf.indb));
data/tinymux-2.10.1.14/src/predicates.cpp:1692:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system((char *)tprintf(T("./_backupflat.sh 1>&2")));
data/tinymux-2.10.1.14/src/sha1.cpp:232:17: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Failed. Expected 0x%02X. Found 0x%02X" ENDLINE, vectors[i].md[j], md[j]);
data/tinymux-2.10.1.14/src/svdhash.cpp:2836:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, idr->filename);
data/tinymux-2.10.1.14/src/svdhash.cpp:2878:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(idr->filename, file);
data/tinymux-2.10.1.14/src/bsd.cpp:1202:9: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&csDescriptorList);
data/tinymux-2.10.1.14/src/bsd.cpp:2156:13: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&csDescriptorList);
data/tinymux-2.10.1.14/src/bsd.cpp:2246:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&csDescriptorList);
data/tinymux-2.10.1.14/src/bsd.cpp:2344:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&csDescriptorList);
data/tinymux-2.10.1.14/src/bsd.cpp:2412:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection (&csDescriptorList);
data/tinymux-2.10.1.14/src/bsd.cpp:5089:9: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&csDescriptorList);
data/tinymux-2.10.1.14/src/game.cpp:3112:29: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HINSTANCE hInstWs2_32 = LoadLibrary(L"ws2_32");
data/tinymux-2.10.1.14/src/game.cpp:3137:33: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HINSTANCE hInstWship6 = LoadLibrary(L"wship6");
data/tinymux-2.10.1.14/src/libmux.cpp:27:22: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
#define MOD_OPEN(m) LoadLibrary(m)
data/tinymux-2.10.1.14/src/log.cpp:383:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&csLog);
data/tinymux-2.10.1.14/src/log.cpp:636:5: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&csLog);
data/tinymux-2.10.1.14/src/attrcache.cpp:299:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(pCacheEntry+1), TempRecord.attrText, nLength);
data/tinymux-2.10.1.14/src/attrcache.cpp:369:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(TempRecord.attrText, value, len);
data/tinymux-2.10.1.14/src/attrcache.cpp:394:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(TempRecord.attrText, value, len);
data/tinymux-2.10.1.14/src/attrcache.cpp:431:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(pCacheEntry+1), TempRecord.attrText, len);
data/tinymux-2.10.1.14/src/boolexp.cpp:294:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char parsestore[LBUF_SIZE];
data/tinymux-2.10.1.14/src/boolexp.cpp:711:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parsestore, buf, n+1);
data/tinymux-2.10.1.14/src/bsd.cpp:562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LBUF_SIZE];
data/tinymux-2.10.1.14/src/bsd.cpp:593:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LBUF_SIZE];
data/tinymux-2.10.1.14/src/bsd.cpp:2674:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char nvt_input_xlat_table[256] =
data/tinymux-2.10.1.14/src/bsd.cpp:2771:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100];
data/tinymux-2.10.1.14/src/bsd.cpp:2860:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aWont[3] = { NVT_IAC, NVT_WONT, 0 };
data/tinymux-2.10.1.14/src/bsd.cpp:2947:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aEnvReq[2] = { TELNETSB_VAR, TELNETSB_USERVAR };
data/tinymux-2.10.1.14/src/bsd.cpp:3754:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->ttype, pTermType, nTermType);
data/tinymux-2.10.1.14/src/bsd.cpp:3836:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(varname, pVarnameStart, nVarname);
data/tinymux-2.10.1.14/src/bsd.cpp:3838:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(varval, pVarvalStart, nVarval);
data/tinymux-2.10.1.14/src/bsd.cpp:3879:41: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->username, varval, nVarval + 1);
data/tinymux-2.10.1.14/src/bsd.cpp:4113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LBUF_SIZE];
data/tinymux-2.10.1.14/src/bsd.cpp:4443:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&& strcmp((char *)tsn->pShortName, (char *)SysSigNames[sig]) != 0)
data/tinymux-2.10.1.14/src/command.cpp:1936:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(check2, pCommand, nPrefix);
data/tinymux-2.10.1.14/src/command.cpp:3656:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(field, value, n);
data/tinymux-2.10.1.14/src/command.cpp:3677:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(field, buffer, n);
data/tinymux-2.10.1.14/src/comsys.cpp:134:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer, pAlias, n);
data/tinymux-2.10.1.14/src/comsys.cpp:524:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->name, temp, nChannel);
data/tinymux-2.10.1.14/src/comsys.cpp:536:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->header, temp, nHeader);
data/tinymux-2.10.1.14/src/comsys.cpp:625:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user, &t_user, sizeof(struct comuser));
data/tinymux-2.10.1.14/src/comsys.cpp:715:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->name, pBufferUnicode, nChannel);
data/tinymux-2.10.1.14/src/comsys.cpp:740:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->header, pBufferUnicode, nHeader);
data/tinymux-2.10.1.14/src/comsys.cpp:891:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user, &t_user, sizeof(struct comuser));
data/tinymux-2.10.1.14/src/comsys.cpp:980:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[LBUF_SIZE];
data/tinymux-2.10.1.14/src/comsys.cpp:1044:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/tinymux-2.10.1.14/src/comsys.cpp:1070:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/tinymux-2.10.1.14/src/comsys.cpp:2182:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->alias + where * ALIAS_SIZE, pValidAlias, nValidAlias);
data/tinymux-2.10.1.14/src/comsys.cpp:2375:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newchannel->header, Buffer, fldChannel.m_byte + 1);
data/tinymux-2.10.1.14/src/comsys.cpp:2386:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newchannel->name, pNameNoANSI, nNameNoANSI);
data/tinymux-2.10.1.14/src/comsys.cpp:3268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(alias, cmd, t - cmd);
data/tinymux-2.10.1.14/src/comsys.cpp:3596:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->header, NewHeader_ANSI, nLen.m_byte + 1);
data/tinymux-2.10.1.14/src/comsys.cpp:3911:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((char *)fargs[1], (char *)cc->channels[i]))
data/tinymux-2.10.1.14/src/conf.cpp:494:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)mc->reality_level[mc->no_levels].attr, "DESC");
data/tinymux-2.10.1.14/src/conf.cpp:736:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pc, str, nStr+1);
data/tinymux-2.10.1.14/src/conf.cpp:1385:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, mudstate.aHelpDesc, sizeof(HELP_DESC)*mudstate.mHelpDesc);
data/tinymux-2.10.1.14/src/conf.cpp:2245:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, mudconf.indb, nInDB);
data/tinymux-2.10.1.14/src/conf.cpp:2246:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + nInDB, pSuffix, nSuffix+1);
data/tinymux-2.10.1.14/src/config.h:117:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(s,d,n) memmove(d,s,n)
data/tinymux-2.10.1.14/src/cque.cpp:784:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
nLenEnv[a] = strlen((char *)args[a]) + 1;
data/tinymux-2.10.1.14/src/cque.cpp:799:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tptr, command, nCommand);
data/tinymux-2.10.1.14/src/cque.cpp:808:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tptr, args[a], nLenEnv[a]);
data/tinymux-2.10.1.14/src/db.cpp:634:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
nName = strlen((char *)db[thing].name);
data/tinymux-2.10.1.14/src/db.cpp:706:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tbuff, pMoniker, nMoniker+1);
data/tinymux-2.10.1.14/src/db.cpp:1755:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tbuff, *buffer, *bufsiz);
data/tinymux-2.10.1.14/src/db.cpp:1802:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mudstate.mod_alist, astr, len+1);
data/tinymux-2.10.1.14/src/db.cpp:2023:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oattr, cp, (*pLen) + 1);
data/tinymux-2.10.1.14/src/db.cpp:2226:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(list, db[thing].pALHead, lo * sizeof(ATRLIST));
data/tinymux-2.10.1.14/src/db.cpp:2233:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( list + lo + 1,
data/tinymux-2.10.1.14/src/db.cpp:2810:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mudstate.iter_alist.data, astr, alen+1);
data/tinymux-2.10.1.14/src/db.cpp:3012:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newdb, db, (mudstate.db_top + SIZE_HACK) * sizeof(OBJ));
data/tinymux-2.10.1.14/src/db.cpp:3039:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newmarkbuf, mudstate.markbits, marksize);
data/tinymux-2.10.1.14/src/db.cpp:3162:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char decode_table[256] =
data/tinymux-2.10.1.14/src/db.cpp:3386:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char encode_table[256] =
data/tinymux-2.10.1.14/src/db.cpp:3685:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/tinymux-2.10.1.14/src/db.cpp:3749:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mudstate.doing_hdr, pBuffer, nBuffer+1);
data/tinymux-2.10.1.14/src/db.cpp:3810:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->ttype, temp, nBuffer + 1);
data/tinymux-2.10.1.14/src/db.cpp:3845:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->output_prefix, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3858:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->output_suffix, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3868:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->addr, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3873:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->doing, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3878:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->username, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3892:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->output_prefix, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3906:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->output_suffix, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3917:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->addr, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3923:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->doing, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:3929:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->username, pBufferUnicode, nBufferUnicode+1);
data/tinymux-2.10.1.14/src/db.cpp:4015:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pNewName, n);
data/tinymux-2.10.1.14/src/db_rw.cpp:912:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, vp->name, nNameLength);
data/tinymux-2.10.1.14/src/eval.cpp:121:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char isSpecial_L4[256] =
data/tinymux-2.10.1.14/src/eval.cpp:144:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const signed char mux_RegisterSet[256] =
data/tinymux-2.10.1.14/src/eval.cpp:1053:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char isSpecial_L2[256] =
data/tinymux-2.10.1.14/src/eval.cpp:1364:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*bufc, pStr + iStr, n);
data/tinymux-2.10.1.14/src/eval.cpp:2120:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mux_scratch, pStr + iStr, n);
data/tinymux-2.10.1.14/src/eval.cpp:2430:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, mux_scratch, nPos + 1);
data/tinymux-2.10.1.14/src/eval.cpp:2544:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(last_ptr, ptr, nSize);
data/tinymux-2.10.1.14/src/externs.h:172:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const signed char mux_RegisterSet[256];
data/tinymux-2.10.1.14/src/flags.cpp:1345:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pAlias, pCheckedAlias, nAlias+1);
data/tinymux-2.10.1.14/src/flags.cpp:1356:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewName, pCheckedNewName, nNewName+1);
data/tinymux-2.10.1.14/src/funceval2.cpp:1074:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
|| 0 != strcmp((char *)result,
data/tinymux-2.10.1.14/src/funceval2.cpp:1075:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)(fargs[1] +
data/tinymux-2.10.1.14/src/funceval2.cpp:1092:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&htab[nHashSlot], &htab[htab[nHashSlot].iNext],
data/tinymux-2.10.1.14/src/funceval2.cpp:1656:68: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
UTF8 *tp = grep_util(executor, it, fargs[1], fargs[2], strlen((char *)fargs[2]), bCaseInsens);
data/tinymux-2.10.1.14/src/funceval2.cpp:1699:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (fargs[i] && strcmp((char *)amax, (char *)fargs[i]) < 0)
data/tinymux-2.10.1.14/src/funceval2.cpp:1699:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (fargs[i] && strcmp((char *)amax, (char *)fargs[i]) < 0)
data/tinymux-2.10.1.14/src/funceval2.cpp:1721:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (fargs[i] && strcmp((char *)amin, (char *)fargs[i]) > 0)
data/tinymux-2.10.1.14/src/funceval2.cpp:1721:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (fargs[i] && strcmp((char *)amin, (char *)fargs[i]) > 0)
data/tinymux-2.10.1.14/src/funceval2.cpp:2294:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sep.str, " ", 2);
data/tinymux-2.10.1.14/src/funceval2.cpp:2538:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewMasks, pMasks, (nInts+nBitsPer)*sizeof(UINT32));
data/tinymux-2.10.1.14/src/functions.cpp:377:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sep->str, tstr, tlen+1);
data/tinymux-2.10.1.14/src/functions.cpp:382:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sep->str, " ", 2);
data/tinymux-2.10.1.14/src/functions.cpp:396:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sep->str, "\r\n", 3);
data/tinymux-2.10.1.14/src/functions.cpp:403:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sep->str, tstr, tlen);
data/tinymux-2.10.1.14/src/functions.cpp:428:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sep->str, " ", 2);
data/tinymux-2.10.1.14/src/functions.cpp:1756:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((char *)mybuffer, (char *)fargs[0]))
data/tinymux-2.10.1.14/src/functions.cpp:1756:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((char *)mybuffer, (char *)fargs[0]))
data/tinymux-2.10.1.14/src/functions.cpp:1784:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!mux_stricmp(fargs[1]+strspn((char *)fargs[1], " "), mybuffer+2))
data/tinymux-2.10.1.14/src/functions.cpp:3463:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
n = strlen((char *)fargs[0]);
data/tinymux-2.10.1.14/src/functions.cpp:3572:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
x = strcmp((char *)fargs[0], (char *)fargs[1]);
data/tinymux-2.10.1.14/src/functions.cpp:3572:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
x = strcmp((char *)fargs[0], (char *)fargs[1]);
data/tinymux-2.10.1.14/src/functions.cpp:4679:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((char *)fargs[1], (char *)r))
data/tinymux-2.10.1.14/src/functions.cpp:6001:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pANSI, nANSI);
data/tinymux-2.10.1.14/src/functions.cpp:6025:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pANSI, nANSI);
data/tinymux-2.10.1.14/src/functions.cpp:6048:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, nLen);
data/tinymux-2.10.1.14/src/functions.cpp:6524:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)p2, (char *)fargs[2]) == 0)
data/tinymux-2.10.1.14/src/functions.cpp:6524:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)p2, (char *)fargs[2]) == 0)
data/tinymux-2.10.1.14/src/functions.cpp:6565:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
size_t len = strlen((char *)fargs[0]);
data/tinymux-2.10.1.14/src/functions.cpp:6593:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*bufc, fargs[0], len);
data/tinymux-2.10.1.14/src/functions.cpp:6600:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*bufc, fargs[0], nPartial);
data/tinymux-2.10.1.14/src/functions.cpp:9011:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
size_t n = strlen((char *)fargs[1]);
data/tinymux-2.10.1.14/src/functions.cpp:9035:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
size_t n = strlen((char *)fargs[1]);
data/tinymux-2.10.1.14/src/functions.cpp:9707:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((char *)fargs[6], "@@"))
data/tinymux-2.10.1.14/src/functions.cpp:9820:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, reTable[i].pName, reTable[i].nName);
data/tinymux-2.10.1.14/src/functions.cpp:10687:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char AccentCombo1[128] =
data/tinymux-2.10.1.14/src/functions.cpp:10703:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char AccentCombo2[128] =
data/tinymux-2.10.1.14/src/functions.cpp:11458:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer, pCased, nLen);
data/tinymux-2.10.1.14/src/funmath.cpp:369:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)fargs[0], (char *)fargs[1]) != 0)
data/tinymux-2.10.1.14/src/funmath.cpp:369:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)fargs[0], (char *)fargs[1]) != 0)
data/tinymux-2.10.1.14/src/funmath.cpp:402:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)fargs[0], (char *)fargs[1]) != 0)
data/tinymux-2.10.1.14/src/funmath.cpp:402:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)fargs[0], (char *)fargs[1]) != 0)
data/tinymux-2.10.1.14/src/funmath.cpp:2788:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
size_t n = strlen((char *)fargs[i]);
data/tinymux-2.10.1.14/src/funmath.cpp:2830:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SHA1_Update(&shac, fargs[i], strlen((const char *)fargs[i]));
data/tinymux-2.10.1.14/src/funmath.cpp:2861:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const EVP_MD *mp = EVP_get_digestbyname((const char *)fargs[0]);
data/tinymux-2.10.1.14/src/funmath.cpp:2873:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EVP_DigestUpdate(&ctx, fargs[i], strlen((const char *)fargs[i]));
data/tinymux-2.10.1.14/src/game.cpp:149:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (pcre_copy_substring((char *)str, ovec, matches, i,
data/tinymux-2.10.1.14/src/game.cpp:150:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)args[i], LBUF_SIZE) < 0)
data/tinymux-2.10.1.14/src/game.cpp:1375:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
UTF8 tmpfile[SIZEOF_PATHNAME+32];
data/tinymux-2.10.1.14/src/game.cpp:1422:25: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#"), outfn, mudstate.epoch);
data/tinymux-2.10.1.14/src/game.cpp:1422:41: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#"), outfn, mudstate.epoch);
data/tinymux-2.10.1.14/src/game.cpp:1423:24: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
RemoveFile(tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:1424:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
bOpen = mux_fopen(&f, tmpfile, T("wb"));
data/tinymux-2.10.1.14/src/game.cpp:1444:29: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
ReplaceFile(tmpfile, outfn);
data/tinymux-2.10.1.14/src/game.cpp:1479:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#.gz"), mudconf.outdb, mudstate.epoch - 1);
data/tinymux-2.10.1.14/src/game.cpp:1479:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#.gz"), mudconf.outdb, mudstate.epoch - 1);
data/tinymux-2.10.1.14/src/game.cpp:1480:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
RemoveFile(tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:1481:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#.gz"), mudconf.outdb, mudstate.epoch);
data/tinymux-2.10.1.14/src/game.cpp:1481:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#.gz"), mudconf.outdb, mudstate.epoch);
data/tinymux-2.10.1.14/src/game.cpp:1484:67: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
f = popen((char *)tprintf(T("%s > %s"), mudconf.compress, tmpfile), POPEN_WRITE_OP);
data/tinymux-2.10.1.14/src/game.cpp:1495:29: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (ReplaceFile(tmpfile, outfn) < 0)
data/tinymux-2.10.1.14/src/game.cpp:1497:87: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
log_perror(T("SAV"), T("FAIL"), T("Renaming output file to DB file"), tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:1502:59: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
log_perror(T("SAV"), T("FAIL"), T("Opening"), tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:1508:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#"), mudconf.outdb, mudstate.epoch - 1);
data/tinymux-2.10.1.14/src/game.cpp:1508:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#"), mudconf.outdb, mudstate.epoch - 1);
data/tinymux-2.10.1.14/src/game.cpp:1509:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
RemoveFile(tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:1510:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#"), mudconf.outdb, mudstate.epoch);
data/tinymux-2.10.1.14/src/game.cpp:1510:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
mux_sprintf(tmpfile, sizeof(tmpfile), T("%s.#%d#"), mudconf.outdb, mudstate.epoch);
data/tinymux-2.10.1.14/src/game.cpp:1512:27: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (mux_fopen(&f, tmpfile, T("wb")))
data/tinymux-2.10.1.14/src/game.cpp:1522:29: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (ReplaceFile(tmpfile, mudconf.outdb) < 0)
data/tinymux-2.10.1.14/src/game.cpp:1524:87: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
log_perror(T("SAV"), T("FAIL"), T("Renaming output file to DB file"), tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:1529:59: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
log_perror(T("SAV"), T("FAIL"), T("Opening"), tmpfile);
data/tinymux-2.10.1.14/src/game.cpp:3660:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*pFile = fopen((char *)filename, (char *)mode);
data/tinymux-2.10.1.14/src/game.cpp:3686:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*pfh = open((char *)filename, oflag, 0600);
data/tinymux-2.10.1.14/src/help.cpp:260:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer, topic, nTopic+1);
data/tinymux-2.10.1.14/src/htab.cpp:134:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(htab_rec.aKey, pKey, nKey);
data/tinymux-2.10.1.14/src/interface.h:167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_buffer[SIZEOF_OVERLAPPED_BUFFERS]; // buffer for reading
data/tinymux-2.10.1.14/src/interface.h:195:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aOption[SBUF_SIZE];
data/tinymux-2.10.1.14/src/libmux.cpp:152:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pString, n+1);
data/tinymux-2.10.1.14/src/libmux.cpp:174:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pString, (n+1) * sizeof(UTF16));
data/tinymux-2.10.1.14/src/libmux.cpp:1809:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pFree, p, nCopy);
data/tinymux-2.10.1.14/src/libmux.cpp:1933:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pch, pBlock->pBuffer, nCopy);
data/tinymux-2.10.1.14/src/libmux.h:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aBuffer[QUEUE_BLOCK_SIZE];
data/tinymux-2.10.1.14/src/log.cpp:403:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_aBuffer + m_nBuffer, pString, nToMove);
data/tinymux-2.10.1.14/src/look.cpp:905:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cattr, pattr, sizeof(ATTR));
data/tinymux-2.10.1.14/src/look.cpp:2628:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pShortAndStrippedName, p, len+1);
data/tinymux-2.10.1.14/src/mail.cpp:111:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( newdb,
data/tinymux-2.10.1.14/src/mail.cpp:445:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, aNew, nNew);
data/tinymux-2.10.1.14/src/mail.cpp:1458:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, mse->pYes, mse->nYes);
data/tinymux-2.10.1.14/src/mail.cpp:1464:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, mse->pNo, mse->nNo);
data/tinymux-2.10.1.14/src/mail.cpp:3140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf1[200];
data/tinymux-2.10.1.14/src/mail.cpp:4013:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, head, tail-head);
data/tinymux-2.10.1.14/src/mathutil.cpp:497:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pTmp, p, ATOF_LIMIT);
data/tinymux-2.10.1.14/src/mathutil.cpp:566:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, p, nSize);
data/tinymux-2.10.1.14/src/mathutil.cpp:595:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, p, nSize-1);
data/tinymux-2.10.1.14/src/mathutil.cpp:609:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, p, nSize);
data/tinymux-2.10.1.14/src/mathutil.cpp:627:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, p, nSize);
data/tinymux-2.10.1.14/src/mathutil.cpp:641:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, p, iDecimalPoint);
data/tinymux-2.10.1.14/src/mathutil.cpp:645:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q, p, nSize - iDecimalPoint);
data/tinymux-2.10.1.14/src/mguests.cpp:109:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newGuests, Guests, nGuests * sizeof(dbref));
data/tinymux-2.10.1.14/src/modules.cpp:1479:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&n, p, sizeof(size_t));
data/tinymux-2.10.1.14/src/modules.cpp:1543:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&n, m_pCurrentField, sizeof(size_t));
data/tinymux-2.10.1.14/src/mudconf.h:264:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char markdata[8]; /* Masks for marking/unmarking */
data/tinymux-2.10.1.14/src/mudconf.h:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chunk[5000];
data/tinymux-2.10.1.14/src/muxcli.cpp:21:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char aHHN[3] = "--";
data/tinymux-2.10.1.14/src/netcommon.cpp:356:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tp->hdr.end, b, n);
data/tinymux-2.10.1.14/src/netcommon.cpp:369:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tp->hdr.end, b, left);
data/tinymux-2.10.1.14/src/netcommon.cpp:561:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pString, n);
data/tinymux-2.10.1.14/src/netcommon.cpp:1753:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, szName, nLen);
data/tinymux-2.10.1.14/src/netcommon.cpp:2185:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->doing, szValidDoing, nValidDoing+1);
data/tinymux-2.10.1.14/src/netcommon.cpp:2217:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dMax->doing, szValidDoing, nValidDoing+1);
data/tinymux-2.10.1.14/src/netcommon.cpp:2243:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mudstate.doing_hdr, szValidDoing, nValidDoing+1);
data/tinymux-2.10.1.14/src/pcre.cpp:890:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, subject + ovector[stringnumber], yield);
data/tinymux-2.10.1.14/src/pcre.cpp:1409:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(study->start_bits, start_bits, sizeof(start_bits));
data/tinymux-2.10.1.14/src/pcre.cpp:2314:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[4];
data/tinymux-2.10.1.14/src/pcre.cpp:3104:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;
data/tinymux-2.10.1.14/src/pcre.cpp:3968:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/tinymux-2.10.1.14/src/pcre.cpp:4001:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, classbits, 32);
data/tinymux-2.10.1.14/src/pcre.cpp:4106:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(utf8_char, lastchar, c); /* Save the char */
data/tinymux-2.10.1.14/src/pcre.cpp:4221:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/tinymux-2.10.1.14/src/pcre.cpp:4241:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/tinymux-2.10.1.14/src/pcre.cpp:4259:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, utf8_char, c & 7);
data/tinymux-2.10.1.14/src/pcre.cpp:4408:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, len);
data/tinymux-2.10.1.14/src/pcre.cpp:4439:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, previous, len);
data/tinymux-2.10.1.14/src/pcre.cpp:4651:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(slot + 2, name, namelen);
data/tinymux-2.10.1.14/src/pcre.cpp:7426:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_recursive.offset_save, md->offset_vector,
data/tinymux-2.10.1.14/src/pcre.cpp:7449:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md->offset_vector, new_recursive.offset_save,
data/tinymux-2.10.1.14/src/pcre.cpp:7635:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md->offset_vector, rec->offset_save,
data/tinymux-2.10.1.14/src/pcre.cpp:10057:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(offsets + 2, match_block.offset_vector + 2,
data/tinymux-2.10.1.14/src/player.cpp:643:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + SHA1_PREFIX_LENGTH, pSaltField, nSaltField);
data/tinymux-2.10.1.14/src/sha1.cpp:117:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->block + p->nblock, buf, m);
data/tinymux-2.10.1.14/src/sha1.cpp:222:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SHA1_Update(&shac, vectors[i].p, strlen((const char *)vectors[i].p));
data/tinymux-2.10.1.14/src/slave.cpp:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAX_STRING];
data/tinymux-2.10.1.14/src/slave.cpp:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_STRING * 2];
data/tinymux-2.10.1.14/src/slave.cpp:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg[MAX_STRING];
data/tinymux-2.10.1.14/src/stringutil.cpp:345:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mux_hex2dec[256] =
data/tinymux-2.10.1.14/src/stringutil.cpp:367:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mux_toupper_ascii[UCHAR_MAX+1] =
data/tinymux-2.10.1.14/src/stringutil.cpp:390:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char mux_tolower_ascii[UCHAR_MAX+1] =
data/tinymux-2.10.1.14/src/stringutil.cpp:429:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char utf8_FirstByte[256] =
data/tinymux-2.10.1.14/src/stringutil.cpp:2132:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, COLOR_RESET, sizeof(COLOR_RESET)-1);
data/tinymux-2.10.1.14/src/stringutil.cpp:2144:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iAttr].pUTF, aColors[iAttr].nUTF);
data/tinymux-2.10.1.14/src/stringutil.cpp:2170:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[COLOR_INDEX_FG + iColor].pUTF, aColors[COLOR_INDEX_FG + iColor].nUTF);
data/tinymux-2.10.1.14/src/stringutil.cpp:2176:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ConvertToUTF8(rgb.r + 0xF0000), 4);
data/tinymux-2.10.1.14/src/stringutil.cpp:2181:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ConvertToUTF8(rgb.g + 0xF0100), 4);
data/tinymux-2.10.1.14/src/stringutil.cpp:2186:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ConvertToUTF8(rgb.b + 0xF0200), 4);
data/tinymux-2.10.1.14/src/stringutil.cpp:2211:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[COLOR_INDEX_BG + iColor].pUTF, aColors[COLOR_INDEX_BG + iColor].nUTF);
data/tinymux-2.10.1.14/src/stringutil.cpp:2217:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ConvertToUTF8(rgb.r + 0xF0300), 4);
data/tinymux-2.10.1.14/src/stringutil.cpp:2222:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ConvertToUTF8(rgb.g + 0xF0400), 4);
data/tinymux-2.10.1.14/src/stringutil.cpp:2227:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ConvertToUTF8(rgb.b + 0xF0500), 4);
data/tinymux-2.10.1.14/src/stringutil.cpp:2314:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[COLOR_INDEX_RESET].pEscape, aColors[COLOR_INDEX_RESET].nEscape);
data/tinymux-2.10.1.14/src/stringutil.cpp:2326:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iAttr].pEscape, aColors[iAttr].nEscape);
data/tinymux-2.10.1.14/src/stringutil.cpp:2341:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iColor].pEscape, aColors[iColor].nEscape);
data/tinymux-2.10.1.14/src/stringutil.cpp:2360:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iColor].pEscape, aColors[iColor].nEscape);
data/tinymux-2.10.1.14/src/stringutil.cpp:2535:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, ANSI_NORMAL, sizeof(ANSI_NORMAL)-1);
data/tinymux-2.10.1.14/src/stringutil.cpp:2547:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iAttr].pAnsi, aColors[iAttr].nAnsi);
data/tinymux-2.10.1.14/src/stringutil.cpp:2560:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iColor].pAnsi, aColors[iColor].nAnsi);
data/tinymux-2.10.1.14/src/stringutil.cpp:2570:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + i, aColors[iColor].pAnsi, aColors[iColor].nAnsi);
data/tinymux-2.10.1.14/src/stringutil.cpp:3016:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pString + List[iList].iStart, n);
data/tinymux-2.10.1.14/src/stringutil.cpp:3090:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pTransition, nTransition);
data/tinymux-2.10.1.14/src/stringutil.cpp:3100:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pString + iCopy, i - iCopy);
data/tinymux-2.10.1.14/src/stringutil.cpp:3115:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, pNormal, nNormal);
data/tinymux-2.10.1.14/src/stringutil.cpp:3189:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char MU_EscapeConvert[256] =
data/tinymux-2.10.1.14/src/stringutil.cpp:3212:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char MU_EscapeNoConvert[256] =
data/tinymux-2.10.1.14/src/stringutil.cpp:3603:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const UTF8 *p = (UTF8 *)strchr((char *)s, old[0]);
data/tinymux-2.10.1.14/src/stringutil.cpp:3749:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, str, nStr);
data/tinymux-2.10.1.14/src/stringutil.cpp:3775:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, pBuffer, nBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:3820:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*bufc, src, nLen);
data/tinymux-2.10.1.14/src/stringutil.cpp:3852:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*bufc, src, nLen);
data/tinymux-2.10.1.14/src/stringutil.cpp:4436:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + fldOutput.m_byte, pTransition, nTransition);
data/tinymux-2.10.1.14/src/stringutil.cpp:4464:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + fldOutput.m_byte, pNormal, nNormalBytes);
data/tinymux-2.10.1.14/src/stringutil.cpp:4607:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nOutput, pTransition, nTransition);
data/tinymux-2.10.1.14/src/stringutil.cpp:4629:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nOutput, pTextRun, nTextRun);
data/tinymux-2.10.1.14/src/stringutil.cpp:4643:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nOutput, pNormal, nNormal);
data/tinymux-2.10.1.14/src/stringutil.cpp:4709:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(pContext->bufc), smbuf, nLen);
data/tinymux-2.10.1.14/src/stringutil.cpp:4741:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*(pContext->bufc), smbuf, nLen);
data/tinymux-2.10.1.14/src/stringutil.cpp:4778:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pStr, nStr);
data/tinymux-2.10.1.14/src/stringutil.cpp:5066:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + iBuffer, pFmt + iFmtDeferred, dDeferred);
data/tinymux-2.10.1.14/src/stringutil.cpp:5087:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + iBuffer, pFmt + iFmtDeferred, dDeferred);
data/tinymux-2.10.1.14/src/stringutil.cpp:5276:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + iBuffer, pBuff, cbBuff);
data/tinymux-2.10.1.14/src/stringutil.cpp:5406:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + iBuffer, pFmt + iFmtDeferred, dDeferred);
data/tinymux-2.10.1.14/src/stringutil.cpp:5453:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer, "\n", 2);
data/tinymux-2.10.1.14/src/stringutil.cpp:5942:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_autf + m_iLast.m_byte, sStr.m_autf + iStart.m_byte, nBytes);
data/tinymux-2.10.1.14/src/stringutil.cpp:5946:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pcs + m_iLast.m_point, sStr.m_pcs + iStart.m_point, nPoints * sizeof(m_pcs[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6034:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_autf + m_iLast.m_byte, pStr, nLen * sizeof(m_autf[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6084:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_autf + m_iLast.m_byte, pStr, nLen * sizeof(m_autf[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6471:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, m_autf + iCopy.m_byte, nCopy);
data/tinymux-2.10.1.14/src/stringutil.cpp:6479:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, pTransition, nTransition * sizeof(pTransition[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6488:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, m_autf + iCopy.m_byte, nCopy);
data/tinymux-2.10.1.14/src/stringutil.cpp:6494:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, pTransition, nTransition * sizeof(pTransition[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6535:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, pTransition, nTransition * sizeof(pTransition[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6539:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, m_autf + iPos.m_byte, nChar * sizeof(m_autf[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6547:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer + nDone, pTransition, nTransition * sizeof(pTransition[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:6611:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, m_autf + iCopy.m_byte, nCopy);
data/tinymux-2.10.1.14/src/stringutil.cpp:6619:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, pTransition, nTransition);
data/tinymux-2.10.1.14/src/stringutil.cpp:6630:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, m_autf + iCopy.m_byte, nCopy);
data/tinymux-2.10.1.14/src/stringutil.cpp:6635:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, pNormal, nNormal);
data/tinymux-2.10.1.14/src/stringutil.cpp:6687:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, pTransition, nTransition);
data/tinymux-2.10.1.14/src/stringutil.cpp:6691:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, m_autf + curIn.m_byte, nChar);
data/tinymux-2.10.1.14/src/stringutil.cpp:6699:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + iOut, pNormal, nNormal);
data/tinymux-2.10.1.14/src/stringutil.cpp:7075:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, &m_autf[curStart.m_byte], n);
data/tinymux-2.10.1.14/src/stringutil.cpp:7124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, m_autf + iStart.m_byte, nBytes);
data/tinymux-2.10.1.14/src/stringutil.cpp:7198:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_autf, sStr.m_autf + iStart.m_byte, m_iLast.m_byte);
data/tinymux-2.10.1.14/src/stringutil.cpp:7208:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pcs, sStr.m_pcs + iStart.m_point, m_iLast.m_point * sizeof(m_pcs[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:7296:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pcs, acsTemp, m_iLast.m_point * sizeof(m_pcs[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:7410:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pcs, pcsOld, m_ncs * sizeof(m_pcs[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:7515:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_autf + iStart.m_byte, sTo.m_autf, nCopy.m_byte * sizeof(m_autf[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:7521:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pcs + iStart.m_point, sTo.m_pcs, nCopy.m_point * sizeof(m_pcs[0]));
data/tinymux-2.10.1.14/src/stringutil.cpp:7625:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *p = (const unsigned char *)memchr(pTarget, pPatBuf[0], iEnd.m_byte - iStart.m_byte);
data/tinymux-2.10.1.14/src/stringutil.h:32:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char mux_hex2dec[256];
data/tinymux-2.10.1.14/src/stringutil.h:33:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char mux_toupper_ascii[256];
data/tinymux-2.10.1.14/src/stringutil.h:34:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char mux_tolower_ascii[256];
data/tinymux-2.10.1.14/src/stringutil.h:43:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char utf8_FirstByte[256];
data/tinymux-2.10.1.14/src/stringutil.h:1345:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char pAnsi[12];
data/tinymux-2.10.1.14/src/strtod.cpp:472:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define Bcopy(x,y) memcpy((char *)&x->sign, (char *)&y->sign, \
data/tinymux-2.10.1.14/src/svdhash.cpp:950:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode+1, pRecord, nRecord);
data/tinymux-2.10.1.14/src/svdhash.cpp:1002:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRecord, pNode+1, pNode->u.s.nRecordSize);
data/tinymux-2.10.1.14/src/svdhash.cpp:1015:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNode+1, pRecord, nRecord);
data/tinymux-2.10.1.14/src/svdhash.cpp:1317:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRecord, pNode+1, pNode->u.s.nRecordSize);
data/tinymux-2.10.1.14/src/svdhash.cpp:1332:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pRecord, pNode+1, pNode->u.s.nRecordSize);
data/tinymux-2.10.1.14/src/svdhash.cpp:2788:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1];
data/tinymux-2.10.1.14/src/svdhash.cpp:2830:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[1024];
data/tinymux-2.10.1.14/src/svdhash.cpp:2856:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[1024];
data/tinymux-2.10.1.14/src/svdhash.cpp:2946:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/tinymux-2.10.1.14/src/timeparser.cpp:664:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char LexTable[256] =
data/tinymux-2.10.1.14/src/timeparser.cpp:882:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, pSave, nLen);
data/tinymux-2.10.1.14/src/timeparser.cpp:903:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( strlen((char *)PD_TextTable[j].szText) == nLen
data/tinymux-2.10.1.14/src/timer.cpp:368:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, m_pHeap, sizeof(PTASK_RECORD)*m_nCurrent);
data/tinymux-2.10.1.14/src/timer.cpp:402:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, m_pHeap, sizeof(PTASK_RECORD)*m_nCurrent);
data/tinymux-2.10.1.14/src/timeutil.cpp:39:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char daystab[12] =
data/tinymux-2.10.1.14/src/timeutil.cpp:547:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pIntegerStart, n);
data/tinymux-2.10.1.14/src/timeutil.cpp:561:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pFractionalStart, n);
data/tinymux-2.10.1.14/src/timeutil.cpp:627:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, buf, m);
data/tinymux-2.10.1.14/src/timeutil.cpp:911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aBuffer, p, n);
data/tinymux-2.10.1.14/src/timeutil.h:220:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char daystab[12];
data/tinymux-2.10.1.14/src/tools/announce.c:45:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[8192];
data/tinymux-2.10.1.14/src/tools/announce.c:47:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_address[1024];
data/tinymux-2.10.1.14/src/utf8tables.cpp:18:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_print_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:58:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_print_sbt[3263] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:271:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_attrnameinitial_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:293:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_attrnameinitial_sot[6] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:298:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_attrnameinitial_sbt[50] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:311:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_attrname_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:333:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_attrname_sot[6] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:338:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_attrname_sbt[50] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:351:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_objectname_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:373:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_objectname_sot[8] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:378:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_objectname_sbt[79] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:392:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_playername_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:414:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_playername_sot[6] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:419:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_playername_sbt[50] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:432:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_8859_1_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:454:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_8859_1_sot[3] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:459:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_8859_1_sbt[20] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:470:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_8859_2_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:492:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_8859_2_sot[6] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:497:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char cl_8859_2_sbt[73] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:511:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_ascii_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:543:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_ascii_sbt[3295] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:758:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_cp437_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1025:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_latin1_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1277:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_latin2_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1526:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_tolower_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1555:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_tolower_sbt[1365] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1754:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_toupper_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1784:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_toupper_sbt[1458] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:1994:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_totitle_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:2024:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_totitle_sbt[1459] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:2232:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_foldmatch_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:2254:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_foldmatch_sot[7] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:2259:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_foldmatch_sbt[47] =
data/tinymux-2.10.1.14/src/utf8tables.cpp:2278:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char tr_color_itt[256] =
data/tinymux-2.10.1.14/src/utf8tables.h:25:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_print_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:27:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_print_sbt[3263];
data/tinymux-2.10.1.14/src/utf8tables.h:36:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_attrnameinitial_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:37:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_attrnameinitial_sot[6];
data/tinymux-2.10.1.14/src/utf8tables.h:38:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_attrnameinitial_sbt[50];
data/tinymux-2.10.1.14/src/utf8tables.h:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_attrname_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_attrname_sot[6];
data/tinymux-2.10.1.14/src/utf8tables.h:49:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_attrname_sbt[50];
data/tinymux-2.10.1.14/src/utf8tables.h:58:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_objectname_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:59:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_objectname_sot[8];
data/tinymux-2.10.1.14/src/utf8tables.h:60:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_objectname_sbt[79];
data/tinymux-2.10.1.14/src/utf8tables.h:69:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_playername_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_playername_sot[6];
data/tinymux-2.10.1.14/src/utf8tables.h:71:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_playername_sbt[50];
data/tinymux-2.10.1.14/src/utf8tables.h:80:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_8859_1_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:81:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_8859_1_sot[3];
data/tinymux-2.10.1.14/src/utf8tables.h:82:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_8859_1_sbt[20];
data/tinymux-2.10.1.14/src/utf8tables.h:91:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_8859_2_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:92:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_8859_2_sot[6];
data/tinymux-2.10.1.14/src/utf8tables.h:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char cl_8859_2_sbt[73];
data/tinymux-2.10.1.14/src/utf8tables.h:102:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_ascii_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:104:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_ascii_sbt[3295];
data/tinymux-2.10.1.14/src/utf8tables.h:113:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_cp437_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:124:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_latin1_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:135:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_latin2_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:146:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_tolower_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:148:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_tolower_sbt[1365];
data/tinymux-2.10.1.14/src/utf8tables.h:162:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_toupper_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:164:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_toupper_sbt[1458];
data/tinymux-2.10.1.14/src/utf8tables.h:178:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_totitle_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:180:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_totitle_sbt[1459];
data/tinymux-2.10.1.14/src/utf8tables.h:194:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_foldmatch_itt[256];
data/tinymux-2.10.1.14/src/utf8tables.h:195:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_foldmatch_sot[7];
data/tinymux-2.10.1.14/src/utf8tables.h:196:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_foldmatch_sbt[47];
data/tinymux-2.10.1.14/src/utf8tables.h:210:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const unsigned char tr_color_itt[256];
data/tinymux-2.10.1.14/src/vattr.cpp:538:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tbuff, p, n);
data/tinymux-2.10.1.14/src/vattr.cpp:650:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)pName, (char *)anum_table[anum]->name) == 0)
data/tinymux-2.10.1.14/src/vattr.cpp:650:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (strcmp((char *)pName, (char *)anum_table[anum]->name) == 0)
data/tinymux-2.10.1.14/src/vattr.cpp:741:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, str, nSize);
data/tinymux-2.10.1.14/src/wild.cpp:186:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arglist[arg], dstr, t);
data/tinymux-2.10.1.14/src/alarm.cpp:220:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usec);
data/tinymux-2.10.1.14/src/boolexp.cpp:706:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)buf);
data/tinymux-2.10.1.14/src/bsd.cpp:811:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)d->addr, (char *)host_name, 50);
data/tinymux-2.10.1.14/src/bsd.cpp:843:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int passwdLen = strlen(passwd);
data/tinymux-2.10.1.14/src/bsd.cpp:844:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, passwd, size);
data/tinymux-2.10.1.14/src/bsd.cpp:1839:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((char *)pBuffL1);
data/tinymux-2.10.1.14/src/bsd.cpp:4144:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mux_socket_write(d, (const char *)message, strlen((const char *)message), 0);
data/tinymux-2.10.1.14/src/bsd.cpp:5648:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen((char *)q);
data/tinymux-2.10.1.14/src/command.cpp:784:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hashfindLEN(cp0a->cmdname, strlen((char *)cp0a->cmdname),
data/tinymux-2.10.1.14/src/command.cpp:787:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cp0a->cmdname, strlen((char *)cp0a->cmdname), cp0a,
data/tinymux-2.10.1.14/src/command.cpp:798:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hashfindLEN(cp1a->cmdname, strlen((char *)cp1a->cmdname),
data/tinymux-2.10.1.14/src/command.cpp:801:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cp1a->cmdname, strlen((char *)cp1a->cmdname), cp1a,
data/tinymux-2.10.1.14/src/command.cpp:812:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hashfindLEN(cp2a->cmdname, strlen((char *)cp2a->cmdname),
data/tinymux-2.10.1.14/src/command.cpp:815:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cp2a->cmdname, strlen((char *)cp2a->cmdname), cp2a,
data/tinymux-2.10.1.14/src/command.cpp:826:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hashfindLEN(cp2aa->cmdname, strlen((char *)cp2aa->cmdname),
data/tinymux-2.10.1.14/src/command.cpp:829:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cp2aa->cmdname, strlen((char *)cp2aa->cmdname), cp2aa,
data/tinymux-2.10.1.14/src/command.cpp:896:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
goto_cmdp = (CMDENT *) hashfindLEN((char *)"goto", strlen("goto"), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/command.cpp:926:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cmdp->cmdname, strlen((char *)cmdp->cmdname), cmdp, &ht);
data/tinymux-2.10.1.14/src/command.cpp:1737:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp((const char *)pt2+1, (const char *)cmd, strlen((const char *)cmd)))
data/tinymux-2.10.1.14/src/command.cpp:2408:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *)hashfindLEN("leave", strlen("leave"), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/command.cpp:2499:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *)hashfindLEN("enter", strlen("enter"), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/command.cpp:3048:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *)hashfindLEN(str, strlen((char *)str), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/command.cpp:3179:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *) hashfindLEN(orig, strlen((char *)orig), (CHashTable *) vp);
data/tinymux-2.10.1.14/src/command.cpp:3195:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hashfindLEN(alias, strlen((char *)alias), (CHashTable *)vp))
data/tinymux-2.10.1.14/src/command.cpp:3221:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cmd2->cmdname, strlen((char *)cmd2->cmdname), cmd2, (CHashTable *) vp);
data/tinymux-2.10.1.14/src/command.cpp:3228:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
void *hp = hashfindLEN(orig, strlen((char *)orig), (CHashTable *) vp);
data/tinymux-2.10.1.14/src/command.cpp:3234:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(alias, strlen((char *)alias), hp, (CHashTable *) vp);
data/tinymux-2.10.1.14/src/command.cpp:3651:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)value);
data/tinymux-2.10.1.14/src/command.cpp:4327:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *) hashfindLEN(pt1, strlen((char *)pt1), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/command.cpp:4334:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aflags = (int)strlen((char *)cmdp->cmdname);
data/tinymux-2.10.1.14/src/command.cpp:4398:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t natrpt = strlen((char *)atrpt);
data/tinymux-2.10.1.14/src/command.cpp:4399:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t npt3 = strlen((char *)pt3);
data/tinymux-2.10.1.14/src/command.cpp:4445:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t natrpt = strlen((char *)atrpt);
data/tinymux-2.10.1.14/src/command.cpp:4658:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *)hashfindLEN(name, strlen((char *)name), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/comsys.cpp:1115:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(fp);
data/tinymux-2.10.1.14/src/comsys.cpp:1417:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (3500 < strlen((char *)arg2))
data/tinymux-2.10.1.14/src/comsys.cpp:2020:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)channel), &mudstate.channel_htab);
data/tinymux-2.10.1.14/src/comsys.cpp:2435:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ch = (struct channel *)hashfindLEN(channel, strlen((char *)channel), &mudstate.channel_htab);
data/tinymux-2.10.1.14/src/comsys.cpp:2449:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashdeleteLEN(channel, strlen((char *)channel), &mudstate.channel_htab);
data/tinymux-2.10.1.14/src/comsys.cpp:2677:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashdeleteLEN(ch->name, strlen((char *)ch->name), &mudstate.channel_htab);
data/tinymux-2.10.1.14/src/conf.cpp:513:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)mc->reality_level[mc->no_levels].attr, (char *)str, 32);
data/tinymux-2.10.1.14/src/conf.cpp:720:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nStr = strlen((char *)str);
data/tinymux-2.10.1.14/src/conf.cpp:778:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nStr = strlen((char *)str);
data/tinymux-2.10.1.14/src/conf.cpp:1338:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SBUF_SIZE <= strlen((char *)pBase))
data/tinymux-2.10.1.14/src/conf.cpp:1427:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashdeleteLEN(p, strlen((const char *)p), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/conf.cpp:1428:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(p, strlen((const char *)p), cmdp, &mudstate.command_htab);
data/tinymux-2.10.1.14/src/conf.cpp:1431:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashdeleteLEN(p, strlen((const char *)p), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/conf.cpp:1432:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(p, strlen((const char *)p), cmdp, &mudstate.command_htab);
data/tinymux-2.10.1.14/src/conf.cpp:1500:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdp = (CMDENT *)hashfindLEN(hookcmd, strlen((char *)hookcmd), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/conf.cpp:2232:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nInDB = strlen((char *)mudconf.indb);
data/tinymux-2.10.1.14/src/conf.cpp:2242:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nSuffix = strlen((const char *)pSuffix);
data/tinymux-2.10.1.14/src/config.h:272:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extern int fgetc(FILE *);
data/tinymux-2.10.1.14/src/config.h:465:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define mux_read read
data/tinymux-2.10.1.14/src/cque.cpp:771:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nCommand = strlen((char *)command) + 1;
data/tinymux-2.10.1.14/src/cque.cpp:784:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLenEnv[a] = strlen((char *)args[a]) + 1;
data/tinymux-2.10.1.14/src/db.cpp:634:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nName = strlen((char *)db[thing].name);
data/tinymux-2.10.1.14/src/db.cpp:1308:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN((char *)a->name, strlen((char *)a->name), a, &mudstate.attr_name_htab);
data/tinymux-2.10.1.14/src/db.cpp:2309:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
atr_add_raw_LEN(thing, atr, szValue, szValue ? strlen((char *)szValue) : 0);
data/tinymux-2.10.1.14/src/db.cpp:3208:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(f);
data/tinymux-2.10.1.14/src/db.cpp:3352:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nLine = strlen((char *)p);
data/tinymux-2.10.1.14/src/db_rw.cpp:65:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:81:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (c = getc(f))
data/tinymux-2.10.1.14/src/db_rw.cpp:111:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ('\n' == (c = getc(f)))
data/tinymux-2.10.1.14/src/db_rw.cpp:113:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:131:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ('\n' == (d = getc(f)))
data/tinymux-2.10.1.14/src/db_rw.cpp:133:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:156:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (mux_isdigit(c = getc(f)))
data/tinymux-2.10.1.14/src/db_rw.cpp:166:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( EOF != (c = getc(f))
data/tinymux-2.10.1.14/src/db_rw.cpp:219:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( EOF != (c = getc(f))
data/tinymux-2.10.1.14/src/db_rw.cpp:259:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:262:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getc(f)) != '\n')
data/tinymux-2.10.1.14/src/db_rw.cpp:283:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (c = getc(f))
data/tinymux-2.10.1.14/src/db_rw.cpp:328:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:402:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:406:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:423:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(f);
data/tinymux-2.10.1.14/src/db_rw.cpp:911:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nNameLength = strlen((char *)vp->name);
data/tinymux-2.10.1.14/src/flags.cpp:571:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hashfindLEN(fp->flagname, strlen((char *)fp->flagname), &mudstate.flags_htab))
data/tinymux-2.10.1.14/src/flags.cpp:573:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(fp->flagname, strlen((char *)fp->flagname), fp, &mudstate.flags_htab);
data/tinymux-2.10.1.14/src/funceval.cpp:225:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CMDENT *cmdp = (CMDENT *)hashfindLEN(name, strlen((const char *)name), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/funceval.cpp:1472:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = sizeof(struct object) + strlen((char *)Name(thing)) + 1;
data/tinymux-2.10.1.14/src/funceval.cpp:1487:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k += strlen((char *)str)+1;
data/tinymux-2.10.1.14/src/funceval2.cpp:1656:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UTF8 *tp = grep_util(executor, it, fargs[1], fargs[2], strlen((char *)fargs[2]), bCaseInsens);
data/tinymux-2.10.1.14/src/funceval2.cpp:2263:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int matches = pcre_exec(re, NULL, (char *)search, static_cast<int>(strlen((char *)search)), 0, 0,
data/tinymux-2.10.1.14/src/funceval2.cpp:2390:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& pcre_exec(re, study, (char *)r, static_cast<int>(strlen((char *)r)), 0, 0, ovec, ovecsize) >= 0)
data/tinymux-2.10.1.14/src/functions.cpp:354:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t tlen = strlen((char *)tstr);
data/tinymux-2.10.1.14/src/functions.cpp:1789:44: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((thischar = fgetc(myfile)) != EOF)
data/tinymux-2.10.1.14/src/functions.cpp:3463:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen((char *)fargs[0]);
data/tinymux-2.10.1.14/src/functions.cpp:4867:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tp < xp + strlen((char *)xp))
data/tinymux-2.10.1.14/src/functions.cpp:5162:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat((char *)levelbuff, " ");
data/tinymux-2.10.1.14/src/functions.cpp:5195:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat((char *)levelbuff, " ");
data/tinymux-2.10.1.14/src/functions.cpp:5964:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nString = strlen((char *)pString);
data/tinymux-2.10.1.14/src/functions.cpp:6565:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen((char *)fargs[0]);
data/tinymux-2.10.1.14/src/functions.cpp:7203:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(mush_database, (char *)cp, strlen((char *)cp)))
data/tinymux-2.10.1.14/src/functions.cpp:9011:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)fargs[1]);
data/tinymux-2.10.1.14/src/functions.cpp:9035:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)fargs[1]);
data/tinymux-2.10.1.14/src/functions.cpp:9427:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen((char *)p);
data/tinymux-2.10.1.14/src/funmath.cpp:2788:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)fargs[i]);
data/tinymux-2.10.1.14/src/funmath.cpp:2830:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&shac, fargs[i], strlen((const char *)fargs[i]));
data/tinymux-2.10.1.14/src/funmath.cpp:2873:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(&ctx, fargs[i], strlen((const char *)fargs[i]));
data/tinymux-2.10.1.14/src/game.cpp:123:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
matches = pcre_exec(re, NULL, (char *)str, static_cast<int>(strlen((char *)str)), 0, 0, ovec, ovecsize);
data/tinymux-2.10.1.14/src/game.cpp:485:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int matches = pcre_exec(re, NULL, (char *)msg, static_cast<int>(strlen((char *)msg)), 0, 0,
data/tinymux-2.10.1.14/src/game.cpp:1273:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mux_write(fd, message, static_cast<unsigned int>(strlen((char *)message)));
data/tinymux-2.10.1.14/src/game.cpp:3174:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nProg = strlen(argv[0]);
data/tinymux-2.10.1.14/src/help.cpp:80:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLine = strlen((char *)Line);
data/tinymux-2.10.1.14/src/help.cpp:366:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen((char *)line);
data/tinymux-2.10.1.14/src/levels.cpp:26:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strlen((char *)buff) != 17)
data/tinymux-2.10.1.14/src/levels.cpp:57:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strlen((char *)buff) != 17)
data/tinymux-2.10.1.14/src/libmux.cpp:138:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((const char *)pString);
data/tinymux-2.10.1.14/src/libmux.cpp:160:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = wcslen(pString);
data/tinymux-2.10.1.14/src/log.cpp:299:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *) pFilename);
data/tinymux-2.10.1.14/src/log.cpp:417:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nString = strlen((char *) pString);
data/tinymux-2.10.1.14/src/mail.cpp:229:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pm->m_nMessage = strlen((char *)pMessage);
data/tinymux-2.10.1.14/src/mail.cpp:279:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pm->m_nMessage = strlen((char *)pMessage);
data/tinymux-2.10.1.14/src/mail.cpp:293:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((char *)message) > LBUF_SIZE-1)
data/tinymux-2.10.1.14/src/mail.cpp:367:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nNew = strlen((char *)aNew);
data/tinymux-2.10.1.14/src/mail.cpp:520:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nPattern = strlen((char *)aPattern);
data/tinymux-2.10.1.14/src/mail.cpp:1023:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((char *)newname) > FOLDER_NAME_LEN)
data/tinymux-2.10.1.14/src/mail.cpp:1084:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
? (mp->read | M_ALL)
data/tinymux-2.10.1.14/src/mail.cpp:1085:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
: (mp->read | M_ALL | M_MSUNREAD);
data/tinymux-2.10.1.14/src/mail.cpp:1144:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mp->read &= ~flag;
data/tinymux-2.10.1.14/src/mail.cpp:1148:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mp->read |= flag;
data/tinymux-2.10.1.14/src/mail.cpp:1242:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mp->read &= M_FMASK;
data/tinymux-2.10.1.14/src/mail.cpp:1243:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mp->read |= FolderBit(foldernum);
data/tinymux-2.10.1.14/src/mail.cpp:1455:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (mp->read & mse->nMask)
data/tinymux-2.10.1.14/src/mail.cpp:1554:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mp->read |= M_ISREAD;
data/tinymux-2.10.1.14/src/mail.cpp:3032:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
putref(fp, mp->read);
data/tinymux-2.10.1.14/src/mail.h:34:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Urgent(m) (m->read & M_URGENT)
data/tinymux-2.10.1.14/src/mail.h:35:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Mass(m) (m->read & M_MASS)
data/tinymux-2.10.1.14/src/mail.h:36:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define M_Safe(m) (m->read & M_SAFE)
data/tinymux-2.10.1.14/src/mail.h:38:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Forward(m) (m->read & M_FORWARD)
data/tinymux-2.10.1.14/src/mail.h:39:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Tagged(m) (m->read & M_TAG)
data/tinymux-2.10.1.14/src/mail.h:40:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Folder(m) ((m->read & ~M_FMASK) >> 8)
data/tinymux-2.10.1.14/src/mail.h:41:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Read(m) (m->read & M_ISREAD)
data/tinymux-2.10.1.14/src/mail.h:42:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define Cleared(m) (m->read & M_CLEARED)
data/tinymux-2.10.1.14/src/mail.h:62:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/tinymux-2.10.1.14/src/match.cpp:670:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
md.string = munge_space_for_match(name, strlen((const char *)name));
data/tinymux-2.10.1.14/src/modules.cpp:738:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nModuleName = strlen((const char *)aModuleName)+1;
data/tinymux-2.10.1.14/src/modules.cpp:740:30: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nFileName = (wcslen(aFileName)+1)*sizeof(UTF16);
data/tinymux-2.10.1.14/src/modules.cpp:742:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nFileName = (strlen((const char *)aFileName)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules.cpp:789:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nModuleName = strlen((const char *)aModuleName)+1;
data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp:216:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nServer = (strlen((char *)pServer)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp:217:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nDatabase = (strlen((char *)pDatabase)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp:218:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nUser = (strlen((char *)pUser)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp:219:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nPassword = (strlen((char *)pPassword)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp:311:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nDatabaseName = (strlen((char *)pDatabaseName)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules/sqlproxy.cpp:312:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CallFrame.nQuery = (strlen((char *)pQuery)+1)*sizeof(UTF8);
data/tinymux-2.10.1.14/src/modules/sqlslave.cpp:732:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& mysql_real_query(m_database, (char *)pQuery, strlen((char *)pQuery)) != 0)
data/tinymux-2.10.1.14/src/modules/sqlslave.cpp:772:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(p)+1;
data/tinymux-2.10.1.14/src/muxcli.cpp:112:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nLen = strlen(p);
data/tinymux-2.10.1.14/src/netcommon.cpp:526:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
queue_write_LEN(d, b, strlen((const char *)b));
data/tinymux-2.10.1.14/src/netcommon.cpp:822:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nmsg = strlen((char *)msg);
data/tinymux-2.10.1.14/src/netcommon.cpp:1742:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nLen = strlen((char *)szName);
data/tinymux-2.10.1.14/src/netcommon.cpp:1937:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t vwNameField = strlen((char *)NameField);
data/tinymux-2.10.1.14/src/netcommon.cpp:2281:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cp->name, strlen((char *)cp->name), cp, &mudstate.logout_cmd_htab);
data/tinymux-2.10.1.14/src/netcommon.cpp:2337:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d->input_tot -= (strlen((char *)msg) + 1);
data/tinymux-2.10.1.14/src/netcommon.cpp:2960:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d->input_size -= strlen((char *)t->cmd);
data/tinymux-2.10.1.14/src/player.cpp:433:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA_Update(&shac, szPassword, strlen((const char *)szPassword));
data/tinymux-2.10.1.14/src/player.cpp:461:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nSetting = strlen((char *)szSetting);
data/tinymux-2.10.1.14/src/player.cpp:470:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&shac, szPassword, strlen((const char *)szPassword));
data/tinymux-2.10.1.14/src/player.cpp:522:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nSaltField = strlen((char *)pSaltField);
data/tinymux-2.10.1.14/src/player.cpp:580:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nSetting = strlen((char *)szSetting);
data/tinymux-2.10.1.14/src/player.cpp:633:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&shac, szPassword, strlen((const char *)szPassword));
data/tinymux-2.10.1.14/src/plusemail.cpp:339:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return SOCKET_WRITE(sock, (char *)&mybuf[0], strlen((char *)mybuf), 0);
data/tinymux-2.10.1.14/src/powers.cpp:228:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
POWERENT *pent = (POWERENT *)hashfindLEN(powername, strlen((char *)powername), &mudstate.powers_htab);
data/tinymux-2.10.1.14/src/predicates.cpp:510:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nName = strlen((char *)pName);
data/tinymux-2.10.1.14/src/predicates.cpp:874:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CMDENT *old = (CMDENT *)hashfindLEN(pName, strlen((char *)pName),
data/tinymux-2.10.1.14/src/predicates.cpp:912:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashdeleteLEN(pName, strlen((char *)pName), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/predicates.cpp:947:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(pName, strlen((char *)pName), cmd, &mudstate.command_htab);
data/tinymux-2.10.1.14/src/predicates.cpp:957:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashdeleteLEN(p, strlen((char *)p), &mudstate.command_htab);
data/tinymux-2.10.1.14/src/predicates.cpp:959:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(p, strlen((char *)p), old, &mudstate.command_htab);
data/tinymux-2.10.1.14/src/predicates.cpp:1112:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n__Name = strlen((char *)p__Name);
data/tinymux-2.10.1.14/src/predicates.cpp:1130:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cmd->cmdname, strlen((char *)cmd->cmdname), cmd,
data/tinymux-2.10.1.14/src/predicates.cpp:1173:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hashaddLEN(cmd->cmdname, strlen((char *)cmd->cmdname),
data/tinymux-2.10.1.14/src/sha1.cpp:222:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&shac, vectors[i].p, strlen((const char *)vectors[i].p));
data/tinymux-2.10.1.14/src/slave.cpp:111:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(hp->h_name) < MAX_STRING)
data/tinymux-2.10.1.14/src/slave.cpp:125:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf);
data/tinymux-2.10.1.14/src/slave.cpp:196:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(0, arg, MAX_STRING - 1);
data/tinymux-2.10.1.14/src/stringutil.cpp:2972:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:2980:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:2985:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:2992:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:3596:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t olen = strlen((char *)old);
data/tinymux-2.10.1.14/src/stringutil.cpp:3764:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return StringCloneLen(str, strlen((char *)str));
data/tinymux-2.10.1.14/src/stringutil.cpp:4578:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)p);
data/tinymux-2.10.1.14/src/stringutil.cpp:4786:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nStr = strlen((const char *)pStr);
data/tinymux-2.10.1.14/src/stringutil.cpp:5151:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cbBuff = strlen((char *)pBuff);
data/tinymux-2.10.1.14/src/stringutil.cpp:5449:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenBuffer = strlen((char *)Buffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:5469:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenTruncBuffer = strlen((char *)TruncBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:5976:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nLen = strlen((char *)pStr);
data/tinymux-2.10.1.14/src/stringutil.cpp:6027:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nLen = strlen((char *)pStr);
data/tinymux-2.10.1.14/src/stringutil.cpp:7030:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:7038:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:7043:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:7050:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pBuffer += strlen((char *)pBuffer);
data/tinymux-2.10.1.14/src/stringutil.cpp:7232:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nLen = strlen((char *)pStr);
data/tinymux-2.10.1.14/src/stringutil.cpp:7998:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen((char *)p);
data/tinymux-2.10.1.14/src/stringutil.h:11:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define mux_strlen(x) strlen((const char *)x)
data/tinymux-2.10.1.14/src/stubslave.cpp:46:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int len = read(0, arg, sizeof(arg));
data/tinymux-2.10.1.14/src/stubslave.cpp:404:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ReturnFrame.nName = strlen((const char *)ModuleInfo.pName)+1;
data/tinymux-2.10.1.14/src/svdhash.cpp:2808:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nHash1 = HASH_ProcessBuffer(nHash1, fn, strlen(fn)+1);
data/tinymux-2.10.1.14/src/svdhash.cpp:2810:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nHash2 = CRC32_ProcessBuffer(nHash2, fn, strlen(fn)+1);
data/tinymux-2.10.1.14/src/svdhash.cpp:2880:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = idr->filename + strlen(idr->filename) + 1;
data/tinymux-2.10.1.14/src/timeparser.cpp:903:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen((char *)PD_TextTable[j].szText) == nLen
data/tinymux-2.10.1.14/src/timeutil.cpp:1025:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen((char *)p);
data/tinymux-2.10.1.14/src/tools/announce.c:116:20: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch = getchar()) != EOF
data/tinymux-2.10.1.14/src/unsplit.cpp:17:17: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getchar()) != EOF)
data/tinymux-2.10.1.14/src/unsplit.cpp:24:21: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/tinymux-2.10.1.14/src/vattr.cpp:224:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ATTR *vb = vattr_find_LEN(va->name, strlen((char *)va->name));
data/tinymux-2.10.1.14/src/vattr.cpp:290:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vattr_define_LEN(p, strlen((char *)p), iAttr, 0);
data/tinymux-2.10.1.14/src/vattr.cpp:416:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UINT32 nHash = HASH_ProcessBuffer(0, va->name, strlen((char *)va->name));
data/tinymux-2.10.1.14/src/vattr.cpp:481:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
UINT32 nHash = HASH_ProcessBuffer(0, va->name, strlen((char *)va->name));
data/tinymux-2.10.1.14/src/vattr.cpp:725:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nSize = strlen((char *)str) + 1;
data/tinymux-2.10.1.14/src/walkdb.cpp:57:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (1 < strlen((char *)tempstr))
data/tinymux-2.10.1.14/src/walkdb.cpp:469:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen((char *)pname) - 1;
ANALYSIS SUMMARY:
Hits = 653
Lines analyzed = 141662 in approximately 2.83 seconds (50045 lines/second)
Physical Source Lines of Code (SLOC) = 111726
Hits@level = [0] 7 [1] 215 [2] 393 [3] 11 [4] 34 [5] 0
Hits@level+ = [0+] 660 [1+] 653 [2+] 438 [3+] 45 [4+] 34 [5+] 0
Hits/KSLOC@level+ = [0+] 5.90731 [1+] 5.84466 [2+] 3.92031 [3+] 0.402771 [4+] 0.304316 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.