Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/w1retap-1.4.4/contrib/applets/w1temp-gnome2/w1temp.c
Examining data/w1retap-1.4.4/contrib/applets/archserv0:/w1temp.c
Examining data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c
Examining data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c
Examining data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/config.h
Examining data/w1retap-1.4.4/contrib/sun_moon/sun_moon/sun_moon.c
Examining data/w1retap-1.4.4/contrib/sun_moon/sun_moon/lunar.c
Examining data/w1retap-1.4.4/contrib/sun_moon/sun_moon/solar.c
Examining data/w1retap-1.4.4/src/w1sensors.c
Examining data/w1retap-1.4.4/src/sqlite/w1sqlite.c
Examining data/w1retap-1.4.4/src/mongo/w1mongo.c
Examining data/w1retap-1.4.4/src/w1csv.c
Examining data/w1retap-1.4.4/src/w1retap.h
Examining data/w1retap-1.4.4/src/odbc/w1odbc.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbeprom.c
Examining data/w1retap-1.4.4/src/libusblinux300/setds2409.c
Examining data/w1retap-1.4.4/src/libusblinux300/ds2480.h
Examining data/w1retap-1.4.4/src/libusblinux300/ds2480ut.c
Examining data/w1retap-1.4.4/src/libusblinux300/cnt1d.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbsha.h
Examining data/w1retap-1.4.4/src/libusblinux300/swt1f.h
Examining data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c
Examining data/w1retap-1.4.4/src/libusblinux300/ds2760.c
Examining data/w1retap-1.4.4/src/libusblinux300/rawmem.c
Examining data/w1retap-1.4.4/src/libusblinux300/braybaro.c
Examining data/w1retap-1.4.4/src/libusblinux300/ownetu.c
Examining data/w1retap-1.4.4/src/libusblinux300/tm_init.c
Examining data/w1retap-1.4.4/src/libusblinux300/pw77.h
Examining data/w1retap-1.4.4/src/libusblinux300/thermo21.c
Examining data/w1retap-1.4.4/src/libusblinux300/time04.h
Examining data/w1retap-1.4.4/src/libusblinux300/shaib.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbnvcrc.c
Examining data/w1retap-1.4.4/src/libusblinux300/findtype.h
Examining data/w1retap-1.4.4/src/libusblinux300/pressure.c
Examining data/w1retap-1.4.4/src/libusblinux300/ownet.h
Examining data/w1retap-1.4.4/src/libusblinux300/jibtest.c
Examining data/w1retap-1.4.4/src/libusblinux300/humid.c
Examining data/w1retap-1.4.4/src/libusblinux300/ibsha33.h
Examining data/w1retap-1.4.4/src/libusblinux300/shademo.c
Examining data/w1retap-1.4.4/src/libusblinux300/atodtst.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbappreg.c
Examining data/w1retap-1.4.4/src/libusblinux300/rawmem.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbshaee.c
Examining data/w1retap-1.4.4/src/libusblinux300/ioutil.c
Examining data/w1retap-1.4.4/src/libusblinux300/tstfind.c
Examining data/w1retap-1.4.4/src/libusblinux300/ps02.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbscrex.h
Examining data/w1retap-1.4.4/src/libusblinux300/ds2408lcd.new.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbscr.h
Examining data/w1retap-1.4.4/src/libusblinux300/ds2408lcd.old.c
Examining data/w1retap-1.4.4/src/libusblinux300/ds2760.h
Examining data/w1retap-1.4.4/src/libusblinux300/shadebit.c
Examining data/w1retap-1.4.4/src/libusblinux300/hbuv.h
Examining data/w1retap-1.4.4/src/libusblinux300/libusbnet.c
Examining data/w1retap-1.4.4/src/libusblinux300/sht11_humid.c
Examining data/w1retap-1.4.4/src/libusblinux300/linuxlnk.c
Examining data/w1retap-1.4.4/src/libusblinux300/owpgrw.c
Examining data/w1retap-1.4.4/src/libusblinux300/sha_chck.c
Examining data/w1retap-1.4.4/src/libusblinux300/ps_init.c
Examining data/w1retap-1.4.4/src/libusblinux300/swt05.c
Examining data/w1retap-1.4.4/src/libusblinux300/crcutil.c
Examining data/w1retap-1.4.4/src/libusblinux300/time04.c
Examining data/w1retap-1.4.4/src/libusblinux300/initcopr.c
Examining data/w1retap-1.4.4/src/libusblinux300/atod20.c
Examining data/w1retap-1.4.4/src/libusblinux300/owfile.c
Examining data/w1retap-1.4.4/src/libusblinux300/devlist.h
Examining data/w1retap-1.4.4/src/libusblinux300/swt05.h
Examining data/w1retap-1.4.4/src/libusblinux300/atod20.h
Examining data/w1retap-1.4.4/src/libusblinux300/ds192x.old.c
Examining data/w1retap-1.4.4/src/libusblinux300/fish.c
Examining data/w1retap-1.4.4/src/libusblinux300/ds2408lcd.xx.c
Examining data/w1retap-1.4.4/src/libusblinux300/atod26.h
Examining data/w1retap-1.4.4/src/libusblinux300/owsesu.c
Examining data/w1retap-1.4.4/src/libusblinux300/tm_check.c
Examining data/w1retap-1.4.4/src/libusblinux300/sha18.c
Examining data/w1retap-1.4.4/src/libusblinux300/thermo21.h
Examining data/w1retap-1.4.4/src/libusblinux300/screenio.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbee77.c
Examining data/w1retap-1.4.4/src/libusblinux300/ps02.h
Examining data/w1retap-1.4.4/src/libusblinux300/ds2408lcd.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbscrcrc.h
Examining data/w1retap-1.4.4/src/libusblinux300/thermodl.c
Examining data/w1retap-1.4.4/src/libusblinux300/swtsngl.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbee77.h
Examining data/w1retap-1.4.4/src/libusblinux300/acquire.c
Examining data/w1retap-1.4.4/src/libusblinux300/weather.c
Examining data/w1retap-1.4.4/src/libusblinux300/shaib.c
Examining data/w1retap-1.4.4/src/libusblinux300/memutil.c
Examining data/w1retap-1.4.4/src/libusblinux300/sht11.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbscree.c
Examining data/w1retap-1.4.4/src/libusblinux300/swt12.h
Examining data/w1retap-1.4.4/src/libusblinux300/findtype.c
Examining data/w1retap-1.4.4/src/libusblinux300/atod26.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbee.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbsha.c
Examining data/w1retap-1.4.4/src/libusblinux300/owllu.c
Examining data/w1retap-1.4.4/src/libusblinux300/jibload.c
Examining data/w1retap-1.4.4/src/libusblinux300/temp.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbappreg.h
Examining data/w1retap-1.4.4/src/libusblinux300/counter.c
Examining data/w1retap-1.4.4/src/libusblinux300/shaapp.c
Examining data/w1retap-1.4.4/src/libusblinux300/libusbtran.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbnvcrc.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbnv.c
Examining data/w1retap-1.4.4/src/libusblinux300/ibshaut.c
Examining data/w1retap-1.4.4/src/libusblinux300/jib96.c
Examining data/w1retap-1.4.4/src/libusblinux300/shacopr.c
Examining data/w1retap-1.4.4/src/libusblinux300/libusbds2490.c
Examining data/w1retap-1.4.4/src/libusblinux300/owfile.h
Examining data/w1retap-1.4.4/src/libusblinux300/libusbllnk.c
Examining data/w1retap-1.4.4/src/libusblinux300/humutil.c
Examining data/w1retap-1.4.4/src/libusblinux300/initrov.c
Examining data/w1retap-1.4.4/src/libusblinux300/lcdtest.c
Examining data/w1retap-1.4.4/src/libusblinux300/swt1f.c
Examining data/w1retap-1.4.4/src/libusblinux300/cnt1d.h
Examining data/w1retap-1.4.4/src/libusblinux300/weather.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbscree.h
Examining data/w1retap-1.4.4/src/libusblinux300/libusbses.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbscrx77.h
Examining data/w1retap-1.4.4/src/libusblinux300/owtrnu.c
Examining data/w1retap-1.4.4/src/libusblinux300/temptest.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbeprom.h
Examining data/w1retap-1.4.4/src/libusblinux300/owprgm.c
Examining data/w1retap-1.4.4/src/libusblinux300/temp10.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbscrx77.c
Examining data/w1retap-1.4.4/src/libusblinux300/coupler.c
Examining data/w1retap-1.4.4/src/libusblinux300/owcache.c
Examining data/w1retap-1.4.4/src/libusblinux300/swt12.c
Examining data/w1retap-1.4.4/src/libusblinux300/sharov.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbshaee.h
Examining data/w1retap-1.4.4/src/libusblinux300/humutil.h
Examining data/w1retap-1.4.4/src/libusblinux300/temp10.c
Examining data/w1retap-1.4.4/src/libusblinux300/w1find.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbscrcrc.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbee.h
Examining data/w1retap-1.4.4/src/libusblinux300/mweather.c
Examining data/w1retap-1.4.4/src/libusblinux300/ps_check.c
Examining data/w1retap-1.4.4/src/libusblinux300/jib96.h
Examining data/w1retap-1.4.4/src/libusblinux300/tcrc.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbscr.c
Examining data/w1retap-1.4.4/src/libusblinux300/hbhttest.c
Examining data/w1retap-1.4.4/src/libusblinux300/gethumd.c
Examining data/w1retap-1.4.4/src/libusblinux300/pw77.c
Examining data/w1retap-1.4.4/src/libusblinux300/libusbds2490.h
Examining data/w1retap-1.4.4/src/libusblinux300/sha_init.c
Examining data/w1retap-1.4.4/src/libusblinux300/hbht.h
Examining data/w1retap-1.4.4/src/libusblinux300/hbuvtest.c
Examining data/w1retap-1.4.4/src/libusblinux300/mbnv.h
Examining data/w1retap-1.4.4/src/libusblinux300/swtloop.c
Examining data/w1retap-1.4.4/src/libusblinux300/thermoms.c
Examining data/w1retap-1.4.4/src/libusblinux300/jib96o.c
Examining data/w1retap-1.4.4/src/libusblinux300/humalog.c
Examining data/w1retap-1.4.4/src/libusblinux300/hbuv.c
Examining data/w1retap-1.4.4/src/libusblinux300/sha33.c
Examining data/w1retap-1.4.4/src/libusblinux300/jibmodpw.c
Examining data/w1retap-1.4.4/src/libusblinux300/ds192x.h
Examining data/w1retap-1.4.4/src/libusblinux300/mbscrex.c
Examining data/w1retap-1.4.4/src/libusblinux300/pressure.h
Examining data/w1retap-1.4.4/src/libusblinux300/ibsha33o.c
Examining data/w1retap-1.4.4/src/libusblinux300/ds192x.c
Examining data/w1retap-1.4.4/src/libusblinux300/hbht.c
Examining data/w1retap-1.4.4/src/libusblinux300/owerr.c
Examining data/w1retap-1.4.4/src/pgsql/w1pgsql.c
Examining data/w1retap-1.4.4/src/mysql/w1mysql.c
Examining data/w1retap-1.4.4/src/w1conf.c
Examining data/w1retap-1.4.4/src/w1retap.c
Examining data/w1retap-1.4.4/src/w1file.c
Examining data/w1retap-1.4.4/src/w1util.c
Examining data/w1retap-1.4.4/src/w1xml.c

FINAL RESULTS:

data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:227:9: [4]
(buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fbuf, p); data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:227:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fbuf, p); data/w1retap-1.4.4/src/libusblinux300/ds192x.c:23:23: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define TRACE(params) printf params data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:63:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg,"\n%s\n",title); data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:116:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp,"Service provider name selected: %s\n",sp_name); data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:194:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp,"Roving user fixed information: %s\n",rov_information); data/w1retap-1.4.4/src/libusblinux300/initcopr.c:144:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf((char*)flname,"%s",ts.copr_file); // first 4 letters, service name data/w1retap-1.4.4/src/libusblinux300/initcopr.c:145:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf((char *)buf,"%s",ts.provider); data/w1retap-1.4.4/src/libusblinux300/initcopr.c:218:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(msg,"Closing port %s.\n", argv[1]); data/w1retap-1.4.4/src/libusblinux300/initrov.c:192:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg,"Closing port %s.\n", argv[1]); data/w1retap-1.4.4/src/libusblinux300/ioutil.c:76:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(defbuf,buf); data/w1retap-1.4.4/src/libusblinux300/ioutil.c:120:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s",defbuf); data/w1retap-1.4.4/src/libusblinux300/ownet.h:68:15: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. extern int sprintf(char *buffer, char *format,...); data/w1retap-1.4.4/src/libusblinux300/ownet.h:69:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. extern void fprintf(FILE *fp, char *format,...); data/w1retap-1.4.4/src/libusblinux300/ownet.h:70:16: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. extern void printf(char *format,...); data/w1retap-1.4.4/src/libusblinux300/pressure.c:327:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Lect, ReadPressureSensor (portnum, (byte) 16)); data/w1retap-1.4.4/src/libusblinux300/pressure.c:353:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (Lect, ReadPressureSensor (portnum, 16)); data/w1retap-1.4.4/src/libusblinux300/pressure.c:417:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (SW11, SW1); data/w1retap-1.4.4/src/libusblinux300/pressure.c:418:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (SW22, SW2); data/w1retap-1.4.4/src/libusblinux300/pressure.c:419:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (SW33, SW3); data/w1retap-1.4.4/src/libusblinux300/pressure.c:420:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (SW44, SW4); data/w1retap-1.4.4/src/libusblinux300/shaapp.c:129:16: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/shaapp.c:165:16: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/shaapp.c:258:19: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/shaapp.c:305:19: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/shaapp.c:350:19: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/shaapp.c:392:19: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/shaapp.c:415:19: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. scanf("%s %s %s %s %s %s %s %s",&hexstr[0],&hexstr[2],&hexstr[4], data/w1retap-1.4.4/src/libusblinux300/swt12.c:198:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel A and B\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:201:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Supply\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:203:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
cnt += sprintf(outstr+cnt, "%s", "No Supply\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:206:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Activity on PIO-B\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:208:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "No activity on PIO-B\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:211:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Activity on PIO-A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:213:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "No activity on PIO-A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:216:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Hi level on PIO B\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:218:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Lo level on PIO B\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:221:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Hi level on PIO A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:223:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Lo level on PIO A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:226:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
cnt += sprintf(outstr+cnt, "%s", "Channel B off\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:228:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel B on\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:231:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel A off\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:233:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel A on\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:237:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:240:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Supply\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:242:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "No Supply\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:245:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Activity on PIO-A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:247:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "No activity on PIO-A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:250:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
cnt += sprintf(outstr+cnt, "%s", "Hi level on PIO A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:252:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Lo level on PIO A\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:255:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel A off\n"); data/w1retap-1.4.4/src/libusblinux300/swt12.c:257:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Channel A on\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:267:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Manual mode\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:269:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Output transistor on\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:271:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Output transistor off\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:275:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Auto-control mode\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:277:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Output association with Auxillary\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:279:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
cnt += sprintf(outstr+cnt, "%s", "Output association with Main\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:283:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", data/w1retap-1.4.4/src/libusblinux300/swt1f.c:286:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "No event on Main\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:289:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", data/w1retap-1.4.4/src/libusblinux300/swt1f.c:292:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "No event on Aux.\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:295:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Voltage High on Aux. output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:297:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Voltage Low on Aux. output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:300:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Inactive status of Aux. output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:302:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Active status of Aux. output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:305:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
cnt += sprintf(outstr+cnt, "%s", "Voltage High on Main output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:307:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Voltage Low on Main output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:310:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Inactive status on Main output\n"); data/w1retap-1.4.4/src/libusblinux300/swt1f.c:312:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cnt += sprintf(outstr+cnt, "%s", "Active status on Main output\n"); data/w1retap-1.4.4/src/libusblinux300/thermo21.c:221:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(LastDescription,"%s",script[StepCount].StepDescription); data/w1retap-1.4.4/src/libusblinux300/thermo21.c:232:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(LastMsg,"%s",msg); data/w1retap-1.4.4/src/mongo/w1mongo.c:294:29: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buff, sizeof(buff), "%"PRId64, i64); data/w1retap-1.4.4/src/mongo/w1mongo.c:427:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if (access("/tmp/.w1retap.lock", F_OK) == 0) data/w1retap-1.4.4/src/mysql/w1mysql.c:251:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("/tmp/.w1retap.lock", F_OK) == 0) data/w1retap-1.4.4/src/pgsql/w1pgsql.c:306:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("/tmp/.w1retap.lock", F_OK) == 0) data/w1retap-1.4.4/src/pgsql/w1pgsql.c:372:33: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. n = sprintf(jptr,"\"%s\":%s,", devs->s[j].abbrv, rval); data/w1retap-1.4.4/src/sqlite/w1sqlite.c:276:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("/tmp/.w1retap.lock", F_OK) == 0) data/w1retap-1.4.4/src/sqlite/w1sqlite.c:341:29: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. n = sprintf(jptr,"\"%s\":%s,", devs->s[j].abbrv, data/w1retap-1.4.4/src/w1conf.c:39:22: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if(w1->rcfile && access(w1->rcfile,R_OK) != 0) data/w1retap-1.4.4/src/w1csv.c:47:19: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lfp = popen(logfile+1,"w"); data/w1retap-1.4.4/src/w1file.c:123:19: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lfp = popen(logfile+1,"w"); data/w1retap-1.4.4/src/w1sensors.c:1114:33: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(clist[nc].devid, p2); data/w1retap-1.4.4/src/w1sensors.c:1317:26: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. nc = sprintf(buf,"%s %s\n", d->devtype, d->serial); data/w1retap-1.4.4/src/w1util.c:370:30: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. n += sprintf(line+n, "%s=%.2f %s\n", data/w1retap-1.4.4/src/w1util.c:386:18: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. n += sprintf(line+n,"udate=%s\ndate=%s\n", tbuf1, tbuf2); data/w1retap-1.4.4/src/w1xml.c:57:19: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
lfp = popen(logfile+1,"w"); data/w1retap-1.4.4/src/w1xml.c:148:19: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lfp = popen(logfile+1,"w"); data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:223:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if((p = getenv("HOME"))) data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:223:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if((p = getenv("HOME"))) data/w1retap-1.4.4/contrib/sun_moon/sun_moon/lunar.c:61:20: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((c = getopt(argc, argv, "p:f:t:h?")) != EOF) data/w1retap-1.4.4/contrib/sun_moon/sun_moon/solar.c:58:20: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((c = getopt(argc, argv, "p:f:t:h?")) != EOF) data/w1retap-1.4.4/contrib/sun_moon/sun_moon/sun_moon.c:62:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
  while((c = getopt(argc, argv, "mMp:f:t:h?")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/braybaro.c:86:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "da:s:v")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/ds192x.c:320:16: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "1:3:k")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/hbhttest.c:91:16: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "amc:s:p:h?")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/hbuvtest.c:94:16: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "amc:s:p:h?")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/humid.c:70:8: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if(getenv("TEST_SHT11"))
data/w1retap-1.4.4/src/libusblinux300/jibmodpw.c:82:4: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand((unsigned)time(NULL));
data/w1retap-1.4.4/src/libusblinux300/lcdtest.c:60:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "amc:s:1:2:")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/ps_check.c:54:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int random;
data/w1retap-1.4.4/src/libusblinux300/ps_check.c:125:23: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  while((random < 0) || (random > 3));
data/w1retap-1.4.4/src/libusblinux300/ps_check.c:125:39: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  while((random < 0) || (random > 3));
data/w1retap-1.4.4/src/libusblinux300/ps_check.c:127:51: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if(CheckPS(portnum,&AllSN[0][0],MT,random,data))
data/w1retap-1.4.4/src/libusblinux300/ps_check.c:177:61: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  random = CheckPS(portnum,&AllSN[0][0],falsMT,random,data);
data/w1retap-1.4.4/src/libusblinux300/setds2409.c:29:16: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "ams:")) != EOF)
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:974:4: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand( ((unsigned int)time(NULL)) ^
data/w1retap-1.4.4/src/libusblinux300/sht11_humid.c:65:21: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  int verbose = !!getenv("SHT11_VERBOSE");
data/w1retap-1.4.4/src/libusblinux300/temptest.c:61:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "amc:s:")) != EOF)
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:476:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if((p = getenv("W1RCFILE")))
data/w1retap-1.4.4/src/sqlite/w1sqlite.c:436:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if((p = getenv("W1RCFILE")))
data/w1retap-1.4.4/src/w1retap.c:489:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20).
  Check environment variables carefully before using them.
  if((p = getenv("W1RCFILE")))
data/w1retap-1.4.4/src/w1util.c:36:34: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if(NULL != f && NULL != (p = getenv("HOME")))
data/w1retap-1.4.4/contrib/applets/archserv0:/w1temp.c:552:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  _tmp25_ = atoi (_tmp24_);
data/w1retap-1.4.4/contrib/applets/archserv0:/w1temp.c:851:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _tmp2_ = fopen (_tmp1_, "a");
data/w1retap-1.4.4/contrib/applets/w1temp-gnome2/w1temp.c:552:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  _tmp25_ = atoi (_tmp24_);
data/w1retap-1.4.4/contrib/applets/w1temp-gnome2/w1temp.c:851:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _tmp2_ = fopen (_tmp1_, "a");
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:57:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lbl[256];
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:225:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fbuf[1024];
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:226:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:228:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fbuf,"/.config/w1retap/applet");
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:229:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fp = fopen(fbuf, "r")))
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:57:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lbl[256];
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:225:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fbuf[1024];
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:226:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:228:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fbuf,"/.config/w1retap/applet");
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:229:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fp = fopen(fbuf, "r")))
data/w1retap-1.4.4/contrib/sun_moon/sun_moon/sun_moon.c:92:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = (fn) ? fopen(fn,"w") : stdout;
data/w1retap-1.4.4/src/libusblinux300/atod20.c:69:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg, "All channels set to 5.12V range at 8 bits");
data/w1retap-1.4.4/src/libusblinux300/atodtst.c:53:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[45];
data/w1retap-1.4.4/src/libusblinux300/braybaro.c:97:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  alt = atoi(optarg);
data/w1retap-1.4.4/src/libusblinux300/coupler.c:53:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out[240]; //used for output of the info data
data/w1retap-1.4.4/src/libusblinux300/fish.c:92:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[132];
data/w1retap-1.4.4/src/libusblinux300/fish.c:93:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[64];
data/w1retap-1.4.4/src/libusblinux300/fish.c:94:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char answer[4];
data/w1retap-1.4.4/src/libusblinux300/fish.c:95:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[4];
data/w1retap-1.4.4/src/libusblinux300/fish.c:105:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"1-Wire Net name required on command line!\n"
data/w1retap-1.4.4/src/libusblinux300/fish.c:216:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:297:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:388:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:493:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:597:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:733:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:836:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:933:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:1029:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:1100:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:1171:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/fish.c:1308:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file.Ext = atoi(&num[0]);
data/w1retap-1.4.4/src/libusblinux300/gethumd.c:46:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[200];
data/w1retap-1.4.4/src/libusblinux300/gethumd.c:57:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"1-Wire Net name required on command line!\n"
data/w1retap-1.4.4/src/libusblinux300/hbht.h:17:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[2];
data/w1retap-1.4.4/src/libusblinux300/hbuv.c:144:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tchar[2];
data/w1retap-1.4.4/src/libusblinux300/hbuv.h:23:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[2];
data/w1retap-1.4.4/src/libusblinux300/humalog.c:66:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[256];
data/w1retap-1.4.4/src/libusblinux300/humalog.c:75:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"1-Wire Net name required on command line!\n"
data/w1retap-1.4.4/src/libusblinux300/humid.c:20:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char c,buf[33];
data/w1retap-1.4.4/src/libusblinux300/humutil.c:909:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fidTemp = fopen("temp.log","a+");
data/w1retap-1.4.4/src/libusblinux300/humutil.c:950:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fidData = fopen("data.log","a+");
data/w1retap-1.4.4/src/libusblinux300/ibsha33.h:99:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[4]; // file name of account
data/w1retap-1.4.4/src/libusblinux300/ibsha33.h:105:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user_data[29]; // fixed user data
data/w1retap-1.4.4/src/libusblinux300/ibsha33.h:113:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char StepDescription[50];
data/w1retap-1.4.4/src/libusblinux300/ibsha33.h:129:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user_data[255]; // user information buffer
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:59:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[512];
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:96:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[255];
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:106:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(sp_name,"DLSM");
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:122:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:137:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt = sprintf(temp,"Service provider AUTHENTICATE secret entered (hex):\n ");
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:139:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(temp + cnt,"%02X",auth_secret[i]);
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:147:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:162:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt = sprintf(temp,"Service provider MONEY secret entered (hex):\n ");
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:164:20: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(temp + cnt,"%02X",money_secret[i]);
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:179:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[255];
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:210:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp,"Starting balance: $%ld US\n",*money);
data/w1retap-1.4.4/src/libusblinux300/initcopr.c:62:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[200];
data/w1retap-1.4.4/src/libusblinux300/initcopr.c:118:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(argv[filenum],"wb");
data/w1retap-1.4.4/src/libusblinux300/initcopr.c:135:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)(&ts.copr_file[0]),"COPR");
data/w1retap-1.4.4/src/libusblinux300/initcopr.c:165:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt = sprintf(msg,"** SHA iButton found: ");
data/w1retap-1.4.4/src/libusblinux300/initcopr.c:167:20: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"%02X",ts.copr_rom[i]);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:73:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[300];
data/w1retap-1.4.4/src/libusblinux300/initrov.c:131:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(argv[filenum],"wb");
data/w1retap-1.4.4/src/libusblinux300/initrov.c:143:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)(&ts.copr_file[0]),"COPR");
data/w1retap-1.4.4/src/libusblinux300/initrov.c:147:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt = sprintf(msg,"** Co-processor SHA iButton found: ");
data/w1retap-1.4.4/src/libusblinux300/initrov.c:149:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"%02X",ts.copr_rom[i]);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:150:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"\n** Provider file: ");
data/w1retap-1.4.4/src/libusblinux300/initrov.c:152:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"%c",ts.provider[i]);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:153:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,".%d\n",ts.provider[4]);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:154:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"** Money master secret page: %d\n",ts.c_mmaster_scrt);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:155:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"** Auth master secret page: %d\n",ts.c_amaster_scrt);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:156:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(msg + cnt,"** Unique device (calculated) secret page: %d\n",ts.c_udevice_scrt);
data/w1retap-1.4.4/src/libusblinux300/initrov.c:172:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)rov_information,"no info");
data/w1retap-1.4.4/src/libusblinux300/initrov.c:233:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"Aborted entering the roving settings, end program\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:245:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** 1-Wire port for roving selected\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:248:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, Could not select co-processor 1-Wire\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:258:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** SHA iButton found: "); data/w1retap-1.4.4/src/libusblinux300/initrov.c:260:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"%02X",ts->rov_rom[i]); data/w1retap-1.4.4/src/libusblinux300/initrov.c:269:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, Could not find a SHA iButton\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:276:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
cnt += sprintf(msg + cnt,"** Uniqued device secret created\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:279:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, Could not create authorization secret\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:286:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** Roving info file created\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:289:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, Could not write roving info file\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:297:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** Money page read to get counter\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:314:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, could not read auth money page\n" data/w1retap-1.4.4/src/libusblinux300/initrov.c:322:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** Money written\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:325:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, Could not write money\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:332:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** Money page authenticate read\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:335:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, could not read auth money page\n" data/w1retap-1.4.4/src/libusblinux300/initrov.c:343:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"** Money contents verified\n"); data/w1retap-1.4.4/src/libusblinux300/initrov.c:346:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cnt += sprintf(msg + cnt,"ERROR, could not verify money\n"); data/w1retap-1.4.4/src/libusblinux300/ioutil.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch,defbuf[80]; data/w1retap-1.4.4/src/libusblinux300/ioutil.c:381:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hexchar[3]; data/w1retap-1.4.4/src/libusblinux300/jib96.c:107:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(g_CmdPacket.CmdData, data/w1retap-1.4.4/src/libusblinux300/jib96.c:120:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(g_CmdPacket.CmdData + g_CmdPacket.Len - 3, // CmdData is 3 bytes into structure data/w1retap-1.4.4/src/libusblinux300/jib96.c:179:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&g_MasterPIN,p_lpMasterPIN,sizeof(JIBMASTERPIN)); data/w1retap-1.4.4/src/libusblinux300/jib96.c:352:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:402:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:453:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:504:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:549:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:600:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:655:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:706:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:778:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:893:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Offset,l_lpResponseAPDU->Data,120); data/w1retap-1.4.4/src/libusblinux300/jib96.c:908:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Offset,l_lpResponseAPDU->Data,l_NumBytes); data/w1retap-1.4.4/src/libusblinux300/jib96.c:909:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(l_lpResponseAPDU->Data,l_RecvData,p_NumBytes); data/w1retap-1.4.4/src/libusblinux300/jib96.c:956:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Buff,l_lpResponseAPDU->Data,0x12); data/w1retap-1.4.4/src/libusblinux300/jib96.c:958:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_lpResponseAPDU->Data+1,l_Buff+2,0x10); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1077:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1128:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1130:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data+g_MasterPIN.Len+1,p_lpNewMasterPin,p_lpNewMasterPin->Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1180:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1205:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(l_Data,(uchar*)&g_MasterPIN,g_MasterPIN.Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1206:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Data+g_MasterPIN.Len+1,p_lpAID,p_lpAID->Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1250:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_lpOffset,(uchar*)&g_MasterPIN,sizeof(g_MasterPIN)); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1255:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_lpOffset,(uchar*)p_lpAID,p_lpAID->Len+1); data/w1retap-1.4.4/src/libusblinux300/jib96.c:1261:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_lpOffset,p_lpAppletBuffer,p_AppletLen); data/w1retap-1.4.4/src/libusblinux300/jib96o.c:1069:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(StreamBuff,&FB,sizeof(FB)); data/w1retap-1.4.4/src/libusblinux300/jib96o.c:1282:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mp, TempArray+3,size-3); data/w1retap-1.4.4/src/libusblinux300/jibload.c:156:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if(!(l_InFile = fopen(p_FileName,"r+b"))) data/w1retap-1.4.4/src/libusblinux300/jibload.c:230:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_CurrentAID.Data, filename, l_CurrentAID.Len); data/w1retap-1.4.4/src/libusblinux300/jibmodpw.c:163:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_RefBuffer,l_lpResponseAPDU->Data+1,l_lpResponseAPDU->Len-1); data/w1retap-1.4.4/src/libusblinux300/jibmodpw.c:220:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_RefBuffer,l_lpResponseAPDU->Data,l_lpResponseAPDU->Len); data/w1retap-1.4.4/src/libusblinux300/jibtest.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char l_Buff[256]; data/w1retap-1.4.4/src/libusblinux300/jibtest.c:141:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Buff,l_lpResponseAPDU->Data,l_lpResponseAPDU->Len); data/w1retap-1.4.4/src/libusblinux300/jibtest.c:142:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_lpResponseAPDU->Data,l_Buff+1,--(l_lpResponseAPDU->Len)); data/w1retap-1.4.4/src/libusblinux300/jibtest.c:342:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(l_Buff,l_lpResponseAPDU->Data+1,(int)l_lpResponseAPDU->Data[0]); data/w1retap-1.4.4/src/libusblinux300/jibtest.c:373:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(l_Buff, data/w1retap-1.4.4/src/libusblinux300/libusbses.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempStr[4]; data/w1retap-1.4.4/src/libusblinux300/libusbses.c:126:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). portnumfromstring = atoi(&tempStr[0]); data/w1retap-1.4.4/src/libusblinux300/linuxlnk.c:176:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd[portnum] = open(port_zstr, O_RDWR|O_NONBLOCK); data/w1retap-1.4.4/src/libusblinux300/memutil.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[132]; data/w1retap-1.4.4/src/libusblinux300/memutil.c:111:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(msg,"1-Wire Net name required on command line!\n" data/w1retap-1.4.4/src/libusblinux300/owerr.c:168:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *owErrorMsg[123] = data/w1retap-1.4.4/src/libusblinux300/owfile.h:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Entries[10][4]; // sub-directory entry names data/w1retap-1.4.4/src/libusblinux300/pressure.c:61:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char SW1[20], SW2[20], SW3[20], SW4[20]; data/w1retap-1.4.4/src/libusblinux300/pressure.c:283:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char StringBuffer[64]; data/w1retap-1.4.4/src/libusblinux300/pressure.c:340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char Lect[30]; data/w1retap-1.4.4/src/libusblinux300/pressure.c:392:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char SW11[20] = "0", SW22[20] = "0", SW33[20] = "0", SW44[20] = "0"; data/w1retap-1.4.4/src/libusblinux300/pressure.c:514:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fe.Name, "8570", 4) ; data/w1retap-1.4.4/src/libusblinux300/screenio.c:63:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linebuf[256]; data/w1retap-1.4.4/src/libusblinux300/sha18.c:169:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &send_block[4+resume], 32); data/w1retap-1.4.4/src/libusblinux300/sha18.c:452:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &send_block[send_cnt-32], 32); data/w1retap-1.4.4/src/libusblinux300/sha18.c:544:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &send_block[send_cnt-42-num_verf], 32); data/w1retap-1.4.4/src/libusblinux300/sha18.c:555:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(sign, &send_block[8], 20); data/w1retap-1.4.4/src/libusblinux300/sha18.c:830:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &secret[offset], (bytes_left<32?bytes_left:32)); data/w1retap-1.4.4/src/libusblinux300/sha18.c:833:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&scratchpad[8], &secret[offset+32], data/w1retap-1.4.4/src/libusblinux300/sha18.c:889:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&scratchpad[8], bindCode, 15); data/w1retap-1.4.4/src/libusblinux300/sha33.c:105:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &send_block[4+resume], 8); data/w1retap-1.4.4/src/libusblinux300/sha33.c:355:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &send_block[send_cnt-35], 32); data/w1retap-1.4.4/src/libusblinux300/sha33.c:380:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sign, send_block, 20); data/w1retap-1.4.4/src/libusblinux300/sha33.c:435:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, &send_block[send_cnt-32], 32); data/w1retap-1.4.4/src/libusblinux300/sha33.c:716:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(data, &input_secret[offset], (bytes_left<32?bytes_left:32)); data/w1retap-1.4.4/src/libusblinux300/sha33.c:719:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&scratchpad[8], &input_secret[offset+32], data/w1retap-1.4.4/src/libusblinux300/sha33.c:726:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(MT,currentSecret,4); data/w1retap-1.4.4/src/libusblinux300/sha33.c:728:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MT[4],data,32); data/w1retap-1.4.4/src/libusblinux300/sha33.c:730:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MT[36],&scratchpad[8],15); data/w1retap-1.4.4/src/libusblinux300/sha33.c:734:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MT[48],&currentSecret[4],4); data/w1retap-1.4.4/src/libusblinux300/sha33.c:739:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(currentSecret, MAC, 8); data/w1retap-1.4.4/src/libusblinux300/sha33.c:748:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local_secret, currentSecret, 8); data/w1retap-1.4.4/src/libusblinux300/sha33.c:774:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MT,currentSecret,4); data/w1retap-1.4.4/src/libusblinux300/sha33.c:776:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MT[4],bindData,32); data/w1retap-1.4.4/src/libusblinux300/sha33.c:778:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MT[40],&bindCode[4],8); data/w1retap-1.4.4/src/libusblinux300/sha33.c:782:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MT[48],&currentSecret[4],4); data/w1retap-1.4.4/src/libusblinux300/sha33.c:787:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(currentSecret, MAC, 8); data/w1retap-1.4.4/src/libusblinux300/sha33.c:791:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(local_secret, currentSecret, 8); data/w1retap-1.4.4/src/libusblinux300/sha_chck.c:81:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copr.serviceFilename, "DLSM", 4); data/w1retap-1.4.4/src/libusblinux300/sha_chck.c:87:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copr.bindCode, "bindcde", 7); data/w1retap-1.4.4/src/libusblinux300/sha_chck.c:90:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&copr.bindData[i*4], "bind", 4); data/w1retap-1.4.4/src/libusblinux300/sha_chck.c:116:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fe.Name, "DLSM", 4); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:84:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copr.serviceFilename, "DLSM", 4); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:90:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copr.bindCode, "bindcde", 7); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:93:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&copr.bindData[i*4], "bind", 4); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:197:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fe.Name, copr->serviceFilename, 4); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:254:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fullBindCode, copr->bindCode, 4); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:258:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fullBindCode[5], user->devAN, 7); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:260:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&fullBindCode[12], &(copr->bindCode[4]), 3); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:320:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&user->accountFile[2], copr->initSignature, 20); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:342:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&scratchpad[13], user->devAN, 7); data/w1retap-1.4.4/src/libusblinux300/sha_init.c:344:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&scratchpad[20], copr->signChlg, 3); data/w1retap-1.4.4/src/libusblinux300/shaapp.c:60:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[200]; data/w1retap-1.4.4/src/libusblinux300/shaapp.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hexstr[32]; data/w1retap-1.4.4/src/libusblinux300/shaapp.c:76:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg,"1-Wire Net name required on command line!\n" data/w1retap-1.4.4/src/libusblinux300/shacopr.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[2] = {'y',0}; data/w1retap-1.4.4/src/libusblinux300/shacopr.c:153:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copr.providerName, coprFile, namelen); data/w1retap-1.4.4/src/libusblinux300/shacopr.c:161:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copr.auxilliaryData , coprFile, auxlen); data/w1retap-1.4.4/src/libusblinux300/shacopr.c:218:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(coprFile, copr.serviceFilename, 5); data/w1retap-1.4.4/src/libusblinux300/shacopr.c:223:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&coprFile[13], copr.bindData, 32); data/w1retap-1.4.4/src/libusblinux300/shacopr.c:224:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&coprFile[45], copr.bindCode, 7); data/w1retap-1.4.4/src/libusblinux300/shacopr.c:225:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&coprFile[52], copr.signChlg, 3); data/w1retap-1.4.4/src/libusblinux300/shacopr.c:229:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy(&coprFile[58], copr.providerName, namelen );
data/w1retap-1.4.4/src/libusblinux300/shacopr.c:230:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&coprFile[58+namelen], copr.initSignature, 20 );
data/w1retap-1.4.4/src/libusblinux300/shacopr.c:231:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&coprFile[78+namelen], copr.auxilliaryData, auxlen );
data/w1retap-1.4.4/src/libusblinux300/shacopr.c:237:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(SHACoprFilename, "wb");
data/w1retap-1.4.4/src/libusblinux300/shacopr.c:312:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*secret, inputBuffer, lvalue);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:97:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fe.Name, copr->serviceFilename, 4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:154:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fullBindCode, copr->bindCode, 4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:158:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[5], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:160:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[12], &(copr->bindCode[4]), 3);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:256:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(accountFile->signature, copr->initSignature, 20);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:276:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[13], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:278:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[20], copr->signChlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:551:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[13], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:553:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[20], copr->signChlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:556:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((uchar*)&acctFile, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:559:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(acctFile.signature, copr->initSignature, 20);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:592:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(oldAcctData, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:649:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newAcctData, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:677:16: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newAcctData, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:726:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fullBindCode, copr->bindCode, 4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:727:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[12], &(copr->bindCode[4]), 3);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:748:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[5], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:751:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[12], &fullBindCode[4], 8);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:753:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[20], chlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:759:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp_buf[8],fullBindCode,15);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:771:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wspc_secret, temp_buf, 8);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:815:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(digestBuff,secret,4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:816:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&digestBuff[4],data,32);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:817:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&digestBuff[36],&scratchpad[8],12);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:818:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&digestBuff[48],&secret[4],4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:819:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&digestBuff[52],&scratchpad[20],3);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:893:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &secret[offset], (bytes_left<32?bytes_left:32));
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:896:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[8], &secret[offset+32],
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:915:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_secret, scratchpad, 8);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:999:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char test[2] = { 'y', 0 };
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1009:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(SHACoprFilename, "rb");
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1027:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(signSecret, &buffer[index+1], signlen);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1033:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(authSecret, &buffer[index+1], authlen);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1091:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*secret, inputBuffer, lvalue);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1129:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, pageContents, 28);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1130:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&data[28], &user->accountFile[i], 4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1131:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[8], &user->accountFile[i+4], 4);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1133:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[13], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadbtvm.c:1148:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pageContents[i], &user->accountFile[i], 8);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:88:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fe.Name, copr->serviceFilename, 4);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:145:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(fullBindCode, copr->bindCode, 4);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:149:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[5], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:151:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[12], &(copr->bindCode[4]), 3);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:247:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(accountFile->signature, copr->initSignature, 20);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:267:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[13], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:269:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[20], copr->signChlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:404:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, pageContents, 28);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:405:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&data[28], &user->accountFile[i], 4);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:406:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[8], &user->accountFile[i+4], 4);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:408:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[13], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:428:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pageContents[i], &user->accountFile[i], 8);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:597:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[13], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:599:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[20], copr->signChlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:602:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((uchar*)&acctFile, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:605:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(acctFile.signature, copr->initSignature, 20);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:638:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(oldAcctData, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:695:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newAcctData, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shadebit.c:723:16: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newAcctData, user->accountFile, 32);
data/w1retap-1.4.4/src/libusblinux300/shademo.c:114:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fe.Name, copr.serviceFilename, 4);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:100:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copr->serviceFilename, raw, 5);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:112:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copr->bindData, &raw[13], 32);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:113:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copr->bindCode, &raw[45], 7);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:114:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copr->signChlg, &raw[52], 3);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:122:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(copr->providerName, &raw[58], namelen);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:126:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copr->initSignature, &raw[58+namelen],
data/w1retap-1.4.4/src/libusblinux300/shaib.c:131:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copr->auxilliaryData,
data/w1retap-1.4.4/src/libusblinux300/shaib.c:284:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ListOfKnownSHA[portnum&0x0FF], tempList, MAX_SHA_IBUTTONS);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:289:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(listBuffer[portnum&0x0FF], tempList, MAX_SHA_IBUTTONS);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:320:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[255];
data/w1retap-1.4.4/src/libusblinux300/shaib.c:323:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  mcnt = sprintf(msg,"\n Device select ");
data/w1retap-1.4.4/src/libusblinux300/shaib.c:325:18: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  mcnt += sprintf(msg + mcnt, "%02X",ROM[i]);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:408:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(chlg,&scratchpad[start],3);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:428:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&user->accountFile[20], chlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:498:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fullBindCode, copr->bindCode, 4);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:499:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[12], &(copr->bindCode[4]), 3);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:523:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&fullBindCode[5], user->devAN, 7);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:526:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[12], &fullBindCode[4], 8);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:528:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&scratchpad[20], chlg, 3);
data/w1retap-1.4.4/src/libusblinux300/shaib.c:624:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(signature, &scratchpad[8], 20);
data/w1retap-1.4.4/src/libusblinux300/sharov.c:27:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char test[2] = {'y',0};
data/w1retap-1.4.4/src/libusblinux300/sharov.c:137:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*secret, inputBuffer, lvalue);
data/w1retap-1.4.4/src/libusblinux300/sht11_humid.c:41:30: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int checkcrc(unsigned char *blk,unsigned char crcs[2])
data/w1retap-1.4.4/src/libusblinux300/sht11_humid.c:41:49: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static int checkcrc(unsigned char *blk,unsigned char crcs[2])
data/w1retap-1.4.4/src/libusblinux300/sht11_humid.c:87:22: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char blk[10];
data/w1retap-1.4.4/src/libusblinux300/sht11_humid.c:98:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char crcs[2];
data/w1retap-1.4.4/src/libusblinux300/swtloop.c:56:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out[140]; //used for output of the info byte data
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:181:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[256],LastDescription[256],LastMsg[256];
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:291:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Operation complete");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:300:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Ready to read status page %d",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:310:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Ready to read alarm pages %d to %d",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:320:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Ready to read histogram pages %d to %d",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:330:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Ready to read log pages %d to %d",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:345:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Thermochron not on 1-Wire Net");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:354:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Pages read from Thermochron");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:366:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Write to setup clear memory");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:386:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Clear memory command sent");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:395:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Memory is clear");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:400:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Memory did NOT clear");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:412:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Write time, clock alarm, and trips setup");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:421:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Write control, mission delay, clear flags setup");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:429:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Write sample rate setup");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:437:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Memory written to Thermochron");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:442:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,"Thermochron not on 1-Wire Net");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:915:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Stat For DS1921:");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:917:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Mission State\n-------------\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:918:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Serial Number of DS1921: ");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:923:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%02X",mstatus->serial_num[i]);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:927:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"\nMission is in progress\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:929:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"\nMission is ended\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:932:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Sample rate: %d minute(s)\n",mstatus->sample_rate);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:935:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Roll-Over Enabled: ");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:937:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"yes\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:939:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"no\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:941:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Roll-Over Occurred: ");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:943:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"yes\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:945:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"no\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:952:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Mission Start time: not started yet\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:954:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Mission Start: %02d/%02d/%04d %02d:%02d:%02d\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:959:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Mission Start time: na\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:962:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Mission Start delay: %d minute(s)\n",mstatus->start_delay);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:965:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Mission Samples: %d\n",mstatus->mission_samples);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:968:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Device total samples: %d\n",mstatus->samples_total);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:971:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Temp displayed in: ");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:973:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"(Fahrenheit)\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:975:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"(Celsius)\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:978:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"High Threshold: %6.1f\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:981:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Low Threshold: %6.1f\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:986:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Current Real-Time Clock from DS1921: %02d/%02d/%04d %02d:%02d:%02d\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:994:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Current PC Time: %02d/%02d/%04d %02d:%02d:%02d\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1033:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Temperature Histogram\n---------------------\n"
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1037:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"(Fahrenheit)\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1039:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"(Celsius)\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1044:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%6.1f to %6.1f, %d\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1136:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Temperature Alarms\n------------------\n"
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1142:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"LOW , ");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1145:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt]," %02d/%02d/%04d %02d:%02d to ",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1149:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt]," %02d/%02d/%04d %02d:%02d\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1156:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"HIGH , ");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1159:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt]," %02d/%02d/%04d %02d:%02d to ",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1163:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt]," %02d/%02d/%04d %02d:%02d\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1227:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Log Data\n--------\n"
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1230:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"(Fahrenheit)\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1232:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"(Celsius)\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1240:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%02d/%02d/%04d %02d:%02d ,",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1243:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%6.1f\n",
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1263:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Debug Dump\n----------\nRegister Page:\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1268:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%02X ",mstatus->status_raw[i]);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1274:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Alarms:\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1277:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%02X ",alarm->alarm_raw[i]);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1283:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Histogram:\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1286:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%02X ",hist->hist_raw[i]);
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1293:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"Log:\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1296:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  cnt += sprintf(&str[cnt],"%02X ",log->log_raw[i]);
data/w1retap-1.4.4/src/libusblinux300/thermo21.h:147:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char StepDescription[50];
data/w1retap-1.4.4/src/libusblinux300/thermodl.c:111:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(argv[filenum],"w+");
data/w1retap-1.4.4/src/libusblinux300/thermoms.c:57:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[800];
data/w1retap-1.4.4/src/libusblinux300/time04.c:285:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&timebuffer[0], &settime, 4);
data/w1retap-1.4.4/src/libusblinux300/time04.c:383:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&timebuffer[0], &setalarm, 4);
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:234:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&usertext[0], &filedata[0], usertextlength); // get usertext
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:235:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&SoftTimeArray[0], &filedata[usertextlength], 5); // get SoftTime as bytes
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:236:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&MAC[0], &filedata[(usertextlength + 5)], 20); // get MAC from file as 20 bytes
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:240:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[0],&TimeSN[0][0], 8);
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:241:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[8],&usertext[0], usertextlength);
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:242:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[(usertextlength + 8)],&SoftTimeArray[0], 5);
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:244:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[(usertextlength + 13)], &secret, secretlength);
data/w1retap-1.4.4/src/libusblinux300/tm_check.c:250:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&newMAC[0], &intMAC[0], 20);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:89:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wpparameter[6]; // command line parameter to see if clock should be write-protected
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:151:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(wpparameter, "-wp");
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:241:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&SoftTimeArray[1], &SoftTime, 4); // convert SoftTime to an array
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:244:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[0],&TimeSN[0][0], 8);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:245:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[8],&usertext[0], usertextlength);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:246:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[(usertextlength + 8)],&SoftTimeArray[0], 5);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:247:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&inputforsha[(usertextlength + 13)], &secret, secretlength);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:253:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&MAC[0], &intMAC[0], 20);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:264:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&filedata[0], &usertext, usertextlength);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:265:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&filedata[usertextlength], &SoftTimeArray, 5);
data/w1retap-1.4.4/src/libusblinux300/tm_init.c:266:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&filedata[(usertextlength + 5)], &MAC, 20);
data/w1retap-1.4.4/src/libusblinux300/w1find.c:68:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xdev[32];
data/w1retap-1.4.4/src/libusblinux300/w1find.c:88:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(xdev,"DS2490-%d", ndev);
data/w1retap-1.4.4/src/libusblinux300/weather.c:105:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char TempSN[190];
data/w1retap-1.4.4/src/libusblinux300/weather.c:109:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[45];
data/w1retap-1.4.4/src/libusblinux300/weather.c:121:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fptr = fopen(filename, "r")) == NULL)
data/w1retap-1.4.4/src/libusblinux300/weather.c:173:27: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fptr = fopen(filename, "w")) == NULL)
data/w1retap-1.4.4/src/libusblinux300/weather.c:378:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[45];
data/w1retap-1.4.4/src/mongo/w1mongo.c:70:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char t[256],v[256];
data/w1retap-1.4.4/src/mongo/w1mongo.c:221:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[32];
data/w1retap-1.4.4/src/mongo/w1mongo.c:225:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char collection[128];
data/w1retap-1.4.4/src/mongo/w1mongo.c:471:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char collection[128];
data/w1retap-1.4.4/src/mongo/w1mongo.c:491:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char collection[128];
data/w1retap-1.4.4/src/mysql/w1mysql.c:48:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char t[256],v[256];
data/w1retap-1.4.4/src/mysql/w1mysql.c:341:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tval[64];
data/w1retap-1.4.4/src/odbc/w1odbc.c:53:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cnam[256];
data/w1retap-1.4.4/src/odbc/w1odbc.c:87:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char device[32] = {0};
data/w1retap-1.4.4/src/odbc/w1odbc.c:88:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[32] = {0};
data/w1retap-1.4.4/src/odbc/w1odbc.c:109:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/w1retap-1.4.4/src/odbc/w1odbc.c:148:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:340:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tval[64];
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:389:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char * pvals[3];
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:412:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char * pvals[2];
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:447:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char * pvals[2];
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:448:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstr[64];
data/w1retap-1.4.4/src/sqlite/w1sqlite.c:304:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tval[64];
data/w1retap-1.4.4/src/sqlite/w1sqlite.c:408:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tval[64];
data/w1retap-1.4.4/src/w1conf.c:33:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/w1retap-1.4.4/src/w1conf.c:50:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(w1->rcfile,"r");
data/w1retap-1.4.4/src/w1conf.c:55:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lbuf[512];
data/w1retap-1.4.4/src/w1csv.c:34:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timb[TBUF_SZ];
data/w1retap-1.4.4/src/w1csv.c:51:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lfp = fopen(logfile, "a");
data/w1retap-1.4.4/src/w1file.c:45:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fp = fopen(fname, "r")))
data/w1retap-1.4.4/src/w1file.c:47:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256];
data/w1retap-1.4.4/src/w1file.c:110:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timb[TBUF_SZ];
data/w1retap-1.4.4/src/w1file.c:127:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lfp = fopen(logfile, "a");
data/w1retap-1.4.4/src/w1file.c:155:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tval[64];
data/w1retap-1.4.4/src/w1retap.c:112:26: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(w1->repfile, "a");
data/w1retap-1.4.4/src/w1retap.c:121:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[64];
data/w1retap-1.4.4/src/w1retap.c:555:26: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(NULL != (fp = fopen(w1->pidfile,"w")))
data/w1retap-1.4.4/src/w1retap.h:106:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char serno[8];
data/w1retap-1.4.4/src/w1retap.h:121:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char control[16];
data/w1retap-1.4.4/src/w1retap.h:126:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devid[32];
data/w1retap-1.4.4/src/w1retap.h:154:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char log_delim[2];
data/w1retap-1.4.4/src/w1sensors.c:275:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[48];
data/w1retap-1.4.4/src/w1sensors.c:301:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char adname[4] = "ADA"; data/w1retap-1.4.4/src/w1sensors.c:1024:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[80]; data/w1retap-1.4.4/src/w1sensors.c:1144:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temps+j, w->s+i, sizeof( w1_sensor_t)); data/w1retap-1.4.4/src/w1sensors.c:1315:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/w1retap-1.4.4/src/w1util.c:380:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf1[TBUF_SZ]; data/w1retap-1.4.4/src/w1util.c:381:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf2[TBUF_SZ]; data/w1retap-1.4.4/src/w1util.c:387:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
  int fd = open(w1->tmpname, O_WRONLY|O_CREAT|O_TRUNC, 0664);
data/w1retap-1.4.4/src/w1util.c:408:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md[2] = {"w"}, *pmd;
data/w1retap-1.4.4/src/w1util.c:417:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lfp = fopen(logfile, md);
data/w1retap-1.4.4/src/w1xml.c:42:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timb[TBUF_SZ];
data/w1retap-1.4.4/src/w1xml.c:61:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lfp = fopen(logfile, "a");
data/w1retap-1.4.4/src/w1xml.c:84:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tval[64];
data/w1retap-1.4.4/src/w1xml.c:134:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timb[TBUF_SZ];
data/w1retap-1.4.4/src/w1xml.c:152:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lfp = fopen(logfile, "a");
data/w1retap-1.4.4/contrib/applets/archserv0:/w1temp.c:773:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp0_ = strlen (self);
data/w1retap-1.4.4/contrib/applets/archserv0:/w1temp.c:825:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp5_ = strlen (d);
data/w1retap-1.4.4/contrib/applets/w1temp-gnome2/w1temp.c:773:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp0_ = strlen (self);
data/w1retap-1.4.4/contrib/applets/w1temp-gnome2/w1temp.c:825:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp5_ = strlen (d);
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:123:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += 1+strlen(m->key);
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/src/w1temp.c:152:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(m->lbl, "?");
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:123:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += 1+strlen(m->key);
data/w1retap-1.4.4/contrib/applets/w1temp-gnome3/w1temp-0.0.5/src/w1temp.c:152:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(m->lbl, "?");
data/w1retap-1.4.4/src/libusblinux300/fish.c:1647:19: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = (char) getchar();
data/w1retap-1.4.4/src/libusblinux300/humalog.c:523:19: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = (char) getchar();
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:140:14: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(temp + cnt,"\n");
data/w1retap-1.4.4/src/libusblinux300/ibshaut.c:165:17: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(temp + cnt,"\n");
data/w1retap-1.4.4/src/libusblinux300/initcopr.c:168:10: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf(msg + cnt,"\n");
data/w1retap-1.4.4/src/libusblinux300/initrov.c:261:17: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(msg + cnt,"\n");
data/w1retap-1.4.4/src/libusblinux300/ioutil.c:74:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  deflen = strlen(buf);
data/w1retap-1.4.4/src/libusblinux300/ioutil.c:306:11: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return fgetc(stdin);
data/w1retap-1.4.4/src/libusblinux300/ioutil.c:389:22: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = (char) getchar();
data/w1retap-1.4.4/src/libusblinux300/ioutil.c:405:22: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = (char) getchar();
data/w1retap-1.4.4/src/libusblinux300/ioutil.c:410:33: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  hexchar[1] = (char) getchar();
data/w1retap-1.4.4/src/libusblinux300/jibload.c:226:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l_CurrentAID.Len = strlen(filename) - strlen(".jib");
data/w1retap-1.4.4/src/libusblinux300/jibload.c:226:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l_CurrentAID.Len = strlen(filename) - strlen(".jib");
data/w1retap-1.4.4/src/libusblinux300/jibload.c:236:10: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy((char *)l_FileName, filename, l_CurrentAID.Len);
data/w1retap-1.4.4/src/libusblinux300/libusbses.c:99:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0;i < (int)strlen(port_zstr); i++)
data/w1retap-1.4.4/src/libusblinux300/libusbses.c:105:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  portstringlength = strlen(port_zstr) - strlen(&portSubStr[0]); // get port string length
data/w1retap-1.4.4/src/libusblinux300/libusbses.c:105:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  portstringlength = strlen(port_zstr) - strlen(&portSubStr[0]); // get port string length
data/w1retap-1.4.4/src/libusblinux300/linuxlnk.c:294:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd[portnum],&inbuf[cnt],1) != 1)
data/w1retap-1.4.4/src/libusblinux300/pressure.c:245:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lng = strlen (Cmd);
data/w1retap-1.4.4/src/libusblinux300/pressure.c:286:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (StringBuffer, "");
data/w1retap-1.4.4/src/libusblinux300/pressure.c:292:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant character.
  strcat (StringBuffer, "1");
data/w1retap-1.4.4/src/libusblinux300/pressure.c:294:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (StringBuffer, "0");
data/w1retap-1.4.4/src/libusblinux300/pressure.c:358:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (Lect) != 16)
data/w1retap-1.4.4/src/libusblinux300/pressure.c:403:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (SW1) != 16)
data/w1retap-1.4.4/src/libusblinux300/pressure.c:405:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (SW2) != 16)
data/w1retap-1.4.4/src/libusblinux300/pressure.c:407:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (SW3) != 16)
data/w1retap-1.4.4/src/libusblinux300/pressure.c:409:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (SW4) != 16)
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:132:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),data,16))
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:167:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),secret,16))
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:264:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),data,16))
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:312:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),data,16))
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:356:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),data,16))
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:395:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),data,16))
data/w1retap-1.4.4/src/libusblinux300/shaapp.c:418:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!ParseData(hexstr,strlen(hexstr),data,16))
data/w1retap-1.4.4/src/libusblinux300/shaib.c:326:15: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  mcnt += sprintf(msg + mcnt,"\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1270:17: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(&str[cnt],"\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1279:17: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(&str[cnt],"\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1288:17: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(&str[cnt],"\n");
data/w1retap-1.4.4/src/libusblinux300/thermo21.c:1298:17: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  cnt += sprintf(&str[cnt],"\n");
data/w1retap-1.4.4/src/mongo/w1mongo.c:71:18: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (2 == sscanf(s1,"%256[^=]=%256s", t, v))
data/w1retap-1.4.4/src/mysql/w1mysql.c:49:18: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (2 == sscanf(s1,"%256[^=]=%256s", t, v))
data/w1retap-1.4.4/src/mysql/w1mysql.c:322:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bind[1].buffer_length= strlen(bind[1].buffer);
data/w1retap-1.4.4/src/mysql/w1mysql.c:358:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(0 != mysql_real_query(conn, q, strlen(q)))
data/w1retap-1.4.4/src/odbc/w1odbc.c:290:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  psz = strlen(devs->s[j].abbrv);
data/w1retap-1.4.4/src/pgsql/w1pgsql.c:408:17: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(jptr-1,"}");
data/w1retap-1.4.4/src/sqlite/w1sqlite.c:371:13: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(jptr-1,"}");
data/w1retap-1.4.4/src/w1util.c:38:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname = malloc(strlen(p) + strlen(f) + 2);
data/w1retap-1.4.4/src/w1util.c:38:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname = malloc(strlen(p) + strlen(f) + 2);

ANALYSIS SUMMARY:

Hits = 606
Lines analyzed = 70317 in approximately 1.59 seconds (44119 lines/second)
Physical Source Lines of Code (SLOC) = 43490
Hits@level = [0] 1344 [1] 56 [2] 437 [3] 25 [4] 88 [5] 0
Hits@level+ = [0+] 1950 [1+] 606 [2+] 550 [3+] 113 [4+] 88 [5+] 0
Hits/KSLOC@level+ = [0+] 44.8379 [1+] 13.9342 [2+] 12.6466 [3+] 2.5983 [4+] 2.02345 [5+] 0
Dot directories skipped = 5 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.