Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/389-ds-base-1.4.4.8/include/base/crit.h
Examining data/389-ds-base-1.4.4.8/include/base/dbtbase.h
Examining data/389-ds-base-1.4.4.8/include/base/ereport.h
Examining data/389-ds-base-1.4.4.8/include/base/file.h
Examining data/389-ds-base-1.4.4.8/include/base/fsmutex.h
Examining data/389-ds-base-1.4.4.8/include/base/plist.h
Examining data/389-ds-base-1.4.4.8/include/base/pool.h
Examining data/389-ds-base-1.4.4.8/include/base/shexp.h
Examining data/389-ds-base-1.4.4.8/include/base/systems.h
Examining data/389-ds-base-1.4.4.8/include/base/systhr.h
Examining data/389-ds-base-1.4.4.8/include/base/util.h
Examining data/389-ds-base-1.4.4.8/include/i18n.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/cert.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/certmap.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/dbconf.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/encode.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/errors.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/init.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/ldapauth.h
Examining data/389-ds-base-1.4.4.8/include/ldaputil/ldaputil.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/acl.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/aclerror.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/acleval.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/aclglobal.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/aclproto.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/aclstruct.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/attrec.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/authdb.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/dbtlibaccess.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/dnfstruct.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/ipfstruct.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/las.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/nsauth.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/nsautherr.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/nserror.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/symbols.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/userauth.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/usi.h
Examining data/389-ds-base-1.4.4.8/include/libaccess/usrcache.h
Examining data/389-ds-base-1.4.4.8/include/libadmin/dbtlibadmin.h
Examining data/389-ds-base-1.4.4.8/include/libadmin/libadmin.h
Examining data/389-ds-base-1.4.4.8/include/netsite.h
Examining data/389-ds-base-1.4.4.8/include/public/base/systems.h
Examining data/389-ds-base-1.4.4.8/include/public/netsite.h
Examining data/389-ds-base-1.4.4.8/include/public/nsacl/aclapi.h
Examining data/389-ds-base-1.4.4.8/include/public/nsacl/acldef.h
Examining data/389-ds-base-1.4.4.8/include/public/nsacl/nserrdef.h
Examining data/389-ds-base-1.4.4.8/include/public/nsacl/plistdef.h
Examining data/389-ds-base-1.4.4.8/include/public/nsapi.h
Examining data/389-ds-base-1.4.4.8/ldap/include/avl.h
Examining data/389-ds-base-1.4.4.8/ldap/include/dblayer.h
Examining data/389-ds-base-1.4.4.8/ldap/include/disptmpl.h
Examining data/389-ds-base-1.4.4.8/ldap/include/ldaprot.h
Examining data/389-ds-base-1.4.4.8/ldap/include/portable.h
Examining data/389-ds-base-1.4.4.8/ldap/include/regex.h
Examining data/389-ds-base-1.4.4.8/ldap/include/srchpref.h
Examining data/389-ds-base-1.4.4.8/ldap/include/sysexits-compat.h
Examining data/389-ds-base-1.4.4.8/ldap/libraries/libavl/avl.c
Examining data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acct_usability/acct_usability.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acct_usability/acct_usability.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acctpolicy/acct_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acctpolicy/acct_init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acctpolicy/acct_plugin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acctpolicy/acct_util.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acctpolicy/acctpolicy.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl_ext.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclanom.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclgroup.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclinit.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllist.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/automember/automember.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/automember/automember.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/bitwise/bitwise.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_abandon.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_acl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_add.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_bind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_cleanup.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_close.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_compare.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_conn_stateless.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_controls.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_debug.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_delete.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_modify.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_modrdn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_schema.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_search.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_start.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_temp.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_test.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_unbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_utils.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/debug.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/deref/deref.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/deref/deref.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/distrib/distrib.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_client.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_client.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/fixup_task.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/linked_attrs.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/linked_attrs.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_passthru.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptdebug.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/passthru.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptconfig.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptconn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptdebug.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptpreop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptutil.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-group-func.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-group-func.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-group-task.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-winsync.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/presence/presence.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5c.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pwd_init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pwd_util.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pwdstorage.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ssha_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/clear_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/crypt_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/sha_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl_crypt.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl_crypt.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/llist.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/llist.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/profile.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl-session-plugin.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmtlist.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_backoff.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_inc_protocol.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_mtnode_ext.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_prot_private.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_protocol.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_protocol_util.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_dnhash.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_hash.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replsupplier.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_schedule.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_tot_protocol.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_total.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_updatedn_list.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_connext.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_controls.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_ext.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_globals.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_helper.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_helper.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_opext.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_session_plugin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_shared.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/test_repl_session_plugin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_glue.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_inc_protocol.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_private.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_prot_private.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_tot_protocol.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windowsrepl.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/winsync-plugin.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/linktest.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_cn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_trim.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/rever.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/rever.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_plugin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/schema_reload/schema_reload.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/statechange/statechange.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_refresh.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_util.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_persist.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/bin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/bitstring.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/ces.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/cis.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/debug.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/deliverymethod.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/dn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/facsimile.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/guide.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/int.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/nameoptuid.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/numericstring.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/phonetic.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/sicis.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/syntax.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/syntax_common.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/tel.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/teletex.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/telex.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/validate.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/validate_task.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/7bit.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/plugin-utils.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/utils.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn_cleanup.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/vattrsp_template/vattrsp.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/plugins/whoami/whoami.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/abandon.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/apibroker.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/attr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/attrlist.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/attrsyntax.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/ava.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ancestorid.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/archive.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/attrcrypt.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/back-ldbm.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/backentry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cleanup.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/close.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_misc.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_upgrade.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_verify.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dbsize.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dbverify.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dn2entry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/entrystore.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/filterindex.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/findentry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/haschildren.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/id2entry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_common.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_new.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_set.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_shim.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/import.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/import.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/instance.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_abandon.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_bind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_compare.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_delete.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_index_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modify.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_unbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_usn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/matchrule.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/nextid.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/perfctrs.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/perfctrs.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/rmdb.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/seq.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/start.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/tools/index_dump/index_dump.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/uniqueid2entry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_key.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_key.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/backend.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/backend_manager.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/bind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/bitset.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/bulk_import.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/charray.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/compare.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/computed.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/control.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/csn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/csngen.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/csngen.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/csnset.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/defbackend.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/delete.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/detach.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/disconnect_error_strings.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/disconnect_errors.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/dl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/dynalib.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/entrywsi.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/errormap.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/eventq.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/extendop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/factory.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/fe.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/features.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/fileio.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/filtercmp.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/generation.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/getfilelist.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/getopt_ext.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/getopt_ext.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/getsocketpeer.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/getsocketpeer.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/globals.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/house.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/http.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/init.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/intrinsics.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldbmlinktest.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/lenstr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/lock.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/match.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/modrdn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/modutil.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/object.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/objset.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/openldapber.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/operation.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pagedresults.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/passwd_extop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pblock.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pblock_v3.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_internal_op.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_mmr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_mr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_role.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_syntax.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/poll_using_select.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/poll_using_select.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/prerrstrs.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/proto-slap.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/proxyauth.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/psearch.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_mgmt.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_retry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_verify.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_verify.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/regex.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/resourcelimit.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/rewriters.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/saslbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/schemaparse.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/search.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/secerrstrs.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/security_wrappers.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slap.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapd_plhash.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin-compat4.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi2nspr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_counter.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/snoop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/sort.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/sslerrstrs.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/start_tls_extop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/statechange.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/str2filter.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/strdup.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/stubrepl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/stubs.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/subentry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/clients/reqextop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/sampletask.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdatainterop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testentry.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testextendedop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testgetip.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpostop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpreop.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testsaslbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/thread_data.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/eggencode.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldap-private.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldcltU.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/opCheck.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/port.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/port.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/remote.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repcheck.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/srv.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/utils.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/utils.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/version.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/workarounds.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/unbind.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/uniqueid.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/uniqueidgen.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/upgrade.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/valueset.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/vattr.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/vattr_spi.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/views.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/ch_malloc.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c
Examining data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.h
Examining data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c
Examining data/389-ds-base-1.4.4.8/ldap/systools/hp_patches.c
Examining data/389-ds-base-1.4.4.8/ldap/systools/pio.h
Examining data/389-ds-base-1.4.4.8/ldap/systools/sol_patches.c
Examining data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c
Examining data/389-ds-base-1.4.4.8/lib/base/crit.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/ereport.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/file.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/fsmutex.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/lexer_pvt.h
Examining data/389-ds-base-1.4.4.8/lib/base/nscperror.c
Examining data/389-ds-base-1.4.4.8/lib/base/plist.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/plist_pvt.h
Examining data/389-ds-base-1.4.4.8/lib/base/pool.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/shexp.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/system.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/systhr.cpp
Examining data/389-ds-base-1.4.4.8/lib/base/util.cpp
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/encode.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/errors.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/examples/init.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.h
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/init.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/ldapauth.c
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/ldaputili.h
Examining data/389-ds-base-1.4.4.8/lib/ldaputil/vtable.c
Examining data/389-ds-base-1.4.4.8/lib/libaccess/access_plhash.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/access_plhash.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclcache.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclcache.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/acleval.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclflush.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclpriv.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclscan.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclspace.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/acltools.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclutil.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/aclutil.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/authdb.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/las.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lasgroup.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lasip.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/lasuser.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/ldapauth.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/method.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/nsautherr.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/nseframe.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/parse.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/permhash.h
Examining data/389-ds-base-1.4.4.8/lib/libaccess/register.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/symbols.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/usi.cpp
Examining data/389-ds-base-1.4.4.8/lib/libaccess/usrcache.cpp
Examining data/389-ds-base-1.4.4.8/lib/libadmin/error.c
Examining data/389-ds-base-1.4.4.8/lib/libadmin/template.c
Examining data/389-ds-base-1.4.4.8/lib/libadmin/util.c
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/getstrmem.h
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/getstrprop.c
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/gsslapd.h
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/reshash.c
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/reshash.h
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c
Examining data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.h
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/add.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/back-ldif.h
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/bind.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/close.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/compare.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/config.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/delete.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/init.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modify.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/search.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/start.c
Examining data/389-ds-base-1.4.4.8/src/contrib/back-ldif/unbind.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/csiphash/csiphash.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/build/wdk_7.1/driver_entry_renamed_to_avoid_compiler_warning.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_btree_addonly_unbalanced.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_freelist.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_hash_addonly.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_list_addonly_singlylinked_ordered.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_list_addonly_singlylinked_unordered.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_misc.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_porting_abstraction_layer_compiler.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_porting_abstraction_layer_operating_system.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_porting_abstraction_layer_processor.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_prng.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_queue_bounded_manyproducer_manyconsumer.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_queue_bounded_singleproducer_singleconsumer.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_queue_unbounded_manyproducer_manyconsumer.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_ringbuffer.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_stack.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_btree_addonly_unbalanced/lfds711_btree_addonly_unbalanced_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_btree_addonly_unbalanced/lfds711_btree_addonly_unbalanced_get.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_btree_addonly_unbalanced/lfds711_btree_addonly_unbalanced_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_btree_addonly_unbalanced/lfds711_btree_addonly_unbalanced_insert.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_btree_addonly_unbalanced/lfds711_btree_addonly_unbalanced_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_btree_addonly_unbalanced/lfds711_btree_addonly_unbalanced_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_freelist/lfds711_freelist_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_freelist/lfds711_freelist_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_freelist/lfds711_freelist_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_freelist/lfds711_freelist_pop.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_freelist/lfds711_freelist_push.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_freelist/lfds711_freelist_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_get.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_insert.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_iterate.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_hash_addonly/lfds711_hash_addonly_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_ordered/lfds711_list_addonly_singlylinked_ordered_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_ordered/lfds711_list_addonly_singlylinked_ordered_get.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_ordered/lfds711_list_addonly_singlylinked_ordered_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_ordered/lfds711_list_addonly_singlylinked_ordered_insert.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_ordered/lfds711_list_addonly_singlylinked_ordered_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_ordered/lfds711_list_addonly_singlylinked_ordered_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_unordered/lfds711_list_addonly_singlylinked_unordered_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_unordered/lfds711_list_addonly_singlylinked_unordered_get.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_unordered/lfds711_list_addonly_singlylinked_unordered_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_unordered/lfds711_list_addonly_singlylinked_unordered_insert.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_unordered/lfds711_list_addonly_singlylinked_unordered_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_list_addonly_singlylinked_unordered/lfds711_list_addonly_singlylinked_unordered_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_misc/lfds711_misc_globals.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_misc/lfds711_misc_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_misc/lfds711_misc_internal_backoff_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_misc/lfds711_misc_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_prng/lfds711_prng_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_prng/lfds711_prng_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_manyproducer_manyconsumer/lfds711_queue_bounded_manyproducer_manyconsumer_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_manyproducer_manyconsumer/lfds711_queue_bounded_manyproducer_manyconsumer_dequeue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_manyproducer_manyconsumer/lfds711_queue_bounded_manyproducer_manyconsumer_enqueue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_manyproducer_manyconsumer/lfds711_queue_bounded_manyproducer_manyconsumer_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_manyproducer_manyconsumer/lfds711_queue_bounded_manyproducer_manyconsumer_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_manyproducer_manyconsumer/lfds711_queue_bounded_manyproducer_manyconsumer_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_singleproducer_singleconsumer/lfds711_queue_bounded_singleproducer_singleconsumer_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_singleproducer_singleconsumer/lfds711_queue_bounded_singleproducer_singleconsumer_dequeue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_singleproducer_singleconsumer/lfds711_queue_bounded_singleproducer_singleconsumer_enqueue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_singleproducer_singleconsumer/lfds711_queue_bounded_singleproducer_singleconsumer_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_singleproducer_singleconsumer/lfds711_queue_bounded_singleproducer_singleconsumer_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_bounded_singleproducer_singleconsumer/lfds711_queue_bounded_singleproducer_singleconsumer_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_unbounded_manyproducer_manyconsumer/lfds711_queue_unbounded_manyproducer_manyconsumer_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_unbounded_manyproducer_manyconsumer/lfds711_queue_unbounded_manyproducer_manyconsumer_dequeue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_unbounded_manyproducer_manyconsumer/lfds711_queue_unbounded_manyproducer_manyconsumer_enqueue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_unbounded_manyproducer_manyconsumer/lfds711_queue_unbounded_manyproducer_manyconsumer_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_unbounded_manyproducer_manyconsumer/lfds711_queue_unbounded_manyproducer_manyconsumer_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_queue_unbounded_manyproducer_manyconsumer/lfds711_queue_unbounded_manyproducer_manyconsumer_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_ringbuffer/lfds711_ringbuffer_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_ringbuffer/lfds711_ringbuffer_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_ringbuffer/lfds711_ringbuffer_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_ringbuffer/lfds711_ringbuffer_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_ringbuffer/lfds711_ringbuffer_read.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_ringbuffer/lfds711_ringbuffer_write.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_stack/lfds711_stack_cleanup.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_stack/lfds711_stack_init.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_stack/lfds711_stack_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_stack/lfds711_stack_pop.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_stack/lfds711_stack_push.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/lfds711_stack/lfds711_stack_query.c
Examining data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/src/liblfds711_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/include/sds.h
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/bpt.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/bpt.h
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/common.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/list.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/map.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/search.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/set.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/verify.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/atomic.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/bpt_cow.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/bpt_cow.h
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/delete.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/insert.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/node.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/search.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/txn.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/verify.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/core/crc32c.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/core/utils.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/ht/ht.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/ht/ht.h
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/ht/map.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/ht/node.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/ht/op.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/ht/verify.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/queue/lqueue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/queue/queue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/queue/queue.h
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/queue/tqueue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/sds/sds_internal.h
Examining data/389-ds-base-1.4.4.8/src/libsds/test/benchmark.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/benchmark.h
Examining data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.h
Examining data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_parwrap.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_fixtures.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds.h
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_bpt.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_cow.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_csiphash.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_ht.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_lqueue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_queue.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_set.c
Examining data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_tqueue.c
Examining data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c
Examining data/389-ds-base-1.4.4.8/src/slapi_r_plugin/src/init.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/examples/svrcore_driver.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/alt.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/cache.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/errors.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/file.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/ntgetpin.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/ntresource.h
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/pin.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/std-systemd.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/std.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/svrcore.h
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/systemd-ask-pass.c
Examining data/389-ds-base-1.4.4.8/src/svrcore/src/user.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/counters/atomic.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/operation/v3_compat.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/pblock/analytics.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/pblock/v3_compat.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/schema/filter_validate.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/spal/meminfo.c
Examining data/389-ds-base-1.4.4.8/test/libslapd/test.c
Examining data/389-ds-base-1.4.4.8/test/main.c
Examining data/389-ds-base-1.4.4.8/test/plugins/pwdstorage/pbkdf2.c
Examining data/389-ds-base-1.4.4.8/test/plugins/test.c
Examining data/389-ds-base-1.4.4.8/test/test_slapd.h

FINAL RESULTS:

data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:2291:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
        if (chmod(get_pid_file(), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH) != 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:2453:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
        if (chmod((*listenaddr)->local.path,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:856:14:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            (chmod(loginfo.log_access_file, v) != 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:872:14:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            (chmod(loginfo.log_error_file, v) != 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:888:14:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            (chmod(loginfo.log_audit_file, v) != 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:505:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
        if (chmod(start_pid_file, S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH) != 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:177:13:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
        if (chown(dir, pw->pw_uid, -1) == -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:216:13:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
        if (chown(file_name, pw->pw_uid, -1) == -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1118:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            chmod(cert8db_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1123:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            chmod(cert9db_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1128:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            chmod(key3db_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1133:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            chmod(key4db_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1138:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1143:13:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
            chmod(pkcs11txt_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
data/389-ds-base-1.4.4.8/lib/base/fsmutex.cpp:89:18:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
        int rc = chown( ((fsmutex_s *)fsm)->id, uid, gid);
data/389-ds-base-1.4.4.8/include/base/ereport.h:41:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/include/base/util.h:46:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/include/base/util.h:55:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 3, 4)));
data/389-ds-base-1.4.4.8/include/i18n.h:122:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define AdminFprintf fprintf
data/389-ds-base-1.4.4.8/include/i18n.h:123:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DebugFprintf fprintf
data/389-ds-base-1.4.4.8/include/i18n.h:125:23:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define ClientSprintf sprintf
data/389-ds-base-1.4.4.8/include/i18n.h:126:22:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define AdminSprintf sprintf
data/389-ds-base-1.4.4.8/include/i18n.h:127:22:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define DebugSprintf sprintf
data/389-ds-base-1.4.4.8/include/ldaputil/errors.h:22:23:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DBG_PRINT1(x) fprintf(stderr, x)
data/389-ds-base-1.4.4.8/include/ldaputil/errors.h:23:26:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DBG_PRINT2(x, y) fprintf(stderr, x, y)
data/389-ds-base-1.4.4.8/include/ldaputil/errors.h:24:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DBG_PRINT3(x, y, z) fprintf(stderr, x, y, z)
data/389-ds-base-1.4.4.8/include/ldaputil/errors.h:25:32:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DBG_PRINT4(x, y, z, a) fprintf(stderr, x, y, z, a)
data/389-ds-base-1.4.4.8/include/public/nsapi.h:253:35:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
#define file_unix2local(path, p2) strcpy(p2, path)
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:26:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(new, s);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:46:51:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
static int acl__TestRights(Acl_PBlock *aclpb, int access, const char **right, const char **map_generic, aclResultReason_t *result_reason);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:50:78:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
static int acl__attr_cached_result(struct acl_pblock *aclpb, char *attr, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:51:82:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
static int acl__match_handlesFromCache(struct acl_pblock *aclpb, char *attr, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:53:75:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
static int acl__recompute_acl(Acl_PBlock *aclpb, AclAttrEval *a_eval, int access, int aciIndex);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:55:45:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                                        int access,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:69:87:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
static int check_rdn_access(Slapi_PBlock *pb, Slapi_Entry *e, const char *newrdn, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:86:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access __attribute__((unused))          /* requested access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:143:72:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
check_rdn_access(Slapi_PBlock *pb, Slapi_Entry *e, const char *dn, int access)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:166:55:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                                                      access)) != LDAP_SUCCESS) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:212:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access          /* requested access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:239:69:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    TNF_PROBE_1_DEBUG(acl_access_allowed_start, "ACL", "", tnf_int, access, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:239:77:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    TNF_PROBE_1_DEBUG(acl_access_allowed_start, "ACL", "", tnf_int, access, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:256:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access & (ACLPB_SLAPI_ACL_WRITE_ADD | ACLPB_SLAPI_ACL_WRITE_DEL)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:257:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        access |= SLAPI_ACL_WRITE;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:267:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access & (SLAPI_ACL_WRITE | SLAPI_ACL_ADD | SLAPI_ACL_DELETE | SLAPI_ACL_MODDN)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:280:42:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                          acl_access2str(access),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:288:38:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (acl_skip_access_check(pb, e, access)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:293:38:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                      acl_access2str(access),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:307:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access & SLAPI_ACL_PROXY)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:336:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access & SLAPI_ACL_MODDN) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:352:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (val && (access & SLAPI_ACL_WRITE) && (val->bv_len > 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:368:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                access |= SLAPI_ACL_SELF;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:379:33:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if ((right = acl_access2str(access)) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:382:67:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                      "acl_access_allowed - Unknown rights:%d\n", access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:395:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if ((access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:398:61:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        ret_val = aclanom_match_profile(pb, aclpb, e, attr, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:415:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        (access & SLAPI_ACL_SEARCH)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:432:28:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    aclpb->aclpb_access |= access;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:458:15:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (!(access & SLAPI_ACL_PROXY) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:472:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:552:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if ((access & SLAPI_ACL_SEARCH) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:553:61:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        (ret_val = acl__match_handlesFromCache(aclpb, attr, access)) != -1) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:592:33:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    rv = acl__TestRights(aclpb, access, &right, ds_map_generic,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:601:37:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rv = acl__TestRights(aclpb, access, &right, ds_map_generic,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:629:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:631:22:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            else if (access & SLAPI_ACL_READ)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:636:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:638:22:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            else if (access & SLAPI_ACL_READ)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:889:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access /* access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:920:38:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (acl_skip_access_check(pb, e, access)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:924:38:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                      acl_access2str(access),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1086:46:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                                       NULL, access) != LDAP_SUCCESS) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1223:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access          /* access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1246:38:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (acl_skip_access_check(pb, e, access)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1249:38:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                      acl_access2str(access),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1367:50:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    return (acl_access_allowed(pb, e, attr, val, access));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:2896:40:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl__TestRights(Acl_PBlock *aclpb, int access, const char **right, const char **map_generic, aclResultReason_t *result_reason)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:2973:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3001:25:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                    if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3005:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                            __acl_set_aclIndex_inResult(aclpb, access, index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3024:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                            __acl_set_aclIndex_inResult(aclpb, access, index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3078:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3120:48:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            __acl_set_aclIndex_inResult(aclpb, access, index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3122:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3141:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3150:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3202:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3231:25:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                    if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3235:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                            __acl_set_aclIndex_inResult(aclpb, access, index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3254:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                            __acl_set_aclIndex_inResult(aclpb, access, index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3299:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3344:48:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            __acl_set_aclIndex_inResult(aclpb, access, index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3346:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3362:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3507:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access          /* access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3530:47:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    rv = acl_access_allowed(pb, e, attr, val, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3557:67:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl__attr_cached_result(struct acl_pblock *aclpb, char *attr, int access)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3563:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (!(access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)))
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3585:18:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            if ((access & SLAPI_ACL_READ) && a_eval->attrEval_r_status &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3596:60:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                    rc = acl__recompute_acl(aclpb, a_eval, access,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3626:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3633:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                        rc = acl__recompute_acl(aclpb, a_eval, access,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3656:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                        rc = acl__recompute_acl(aclpb, a_eval, access,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3933:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl__match_handlesFromCache(Acl_PBlock *aclpb, char *attr, int access)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3985:56:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        ret_val = acl__attr_cached_result(aclpb, attr, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3994:60:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            ret_val = acl__attr_cached_result(aclpb, attr, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4073:85:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl_skip_access_check(Slapi_PBlock *pb, Slapi_Entry *e __attribute__((unused)), int access)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4083:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (isRoot && ((access & SLAPI_ACL_PROXY) || !aclpb))
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4143:24:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                   int access,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4215:35:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    testRight[0] = acl_access2str(access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4225:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4230:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4265:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4273:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4279:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4290:52:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
__acl_set_aclIndex_inResult(Acl_PBlock *aclpb, int access, int index)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4295:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access & SLAPI_ACL_SEARCH)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4297:18:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        else if (access & SLAPI_ACL_READ)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:717:90:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_read_access_allowed_on_entry(Slapi_PBlock *pb, Slapi_Entry *e, char **attrs, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:718:101:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_access_allowed_modrdn(Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:719:107:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_read_access_allowed_on_attr(Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:721:26:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
void acl_gen_err_msg(int access, char *edn, char *attr, char **errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:724:112:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_access_allowed_disjoint_resource(Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:725:101:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_access_allowed_main(Slapi_PBlock *pb, Slapi_Entry *e, char **attrs, struct berval *val, int access, int flags, char **errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:726:94:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_access_allowed(Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:730:27:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
char *acl__access2str(int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:736:26:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
char *acl_access2str(int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:759:65:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int acl_skip_access_check(Slapi_PBlock *pb, Slapi_Entry *e, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:807:103:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int aclanom_match_profile(Slapi_PBlock *pb, struct acl_pblock *aclpb, Slapi_Entry *e, char *attr, int access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.h:859:98:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl_get_effective_rights(Slapi_PBlock *pb, Slapi_Entry *e, char **attrs, struct berval *val, int access, char **errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclanom.c:422:99:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
aclanom_match_profile(Slapi_PBlock *pb, struct acl_pblock *aclpb, Slapi_Entry *e, char *attr, int access)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclanom.c:436:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (!(access & (SLAPI_ACL_SEARCH | SLAPI_ACL_READ)))
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclanom.c:473:59:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (!(a_profile->anom_targetinfo[i].anom_access & access))
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclanom.c:522:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            if (access & SLAPI_ACL_MODDN) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclanom.c:540:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            if (access & SLAPI_ACL_MODDN) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:60:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(*gerstr, news);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:62:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*gerstr, news2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:952:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access __attribute__((unused)),         /* requested access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:631:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(lineptr, "(userdn=%s)", user);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1879:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(buf, minfo->member);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1891:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buf, "\nuserDN=\"%s\"\nmember=", info->userDN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1895:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(&(buf[len]), "\"%s\"", *info->member);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1495:20:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl_access2str(int access)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1498:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access & SLAPI_ACL_COMPARE) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1500:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_SEARCH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1502:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_READ) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1504:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_DELETE) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1506:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_ADD) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1508:17:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if ((access & SLAPI_ACL_WRITE) && (access & SLAPI_ACL_SELF)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1508:47:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if ((access & SLAPI_ACL_WRITE) && (access & SLAPI_ACL_SELF)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1510:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_WRITE) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1512:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_PROXY) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1514:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_MODDN) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1652:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(lineptr, "(attr=%s)", str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:335:97:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl_access_allowed_main(Slapi_PBlock *pb, Slapi_Entry *e, char **attrs, struct berval *val, int access, int flags, char **errbuf)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:346:61:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rc = acl_read_access_allowed_on_entry(pb, e, attrs, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:352:68:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            rc = acl_read_access_allowed_on_attr(pb, e, attr, val, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:355:69:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rc = acl_access_allowed_disjoint_resource(pb, e, attr, val, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:357:58:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rc = acl_access_allowed_modrdn(pb, e, attr, val, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:359:58:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rc = acl_get_effective_rights(pb, e, attrs, val, access, errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:361:51:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rc = acl_access_allowed(pb, e, attr, val, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:366:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        (access & (SLAPI_ACL_WRITE | SLAPI_ACL_ADD | SLAPI_ACL_DELETE | SLAPI_ACL_MODDN))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclplugin.c:370:25:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        acl_gen_err_msg(access, edn, attr, errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:56:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(*str1, str2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:184:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Internal Error(%d): "
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:189:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Internal Error(%d): "
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:194:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Internal Error(%d): "
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:199:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Syntax Error(%d):%s\n",
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:203:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Syntax Error in the Bind Rules(%d):%s\n",
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:227:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Invalid Target Error(%d): "
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:230:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr + strlen(lineptr), " %s\n", escape_string_with_punctuation(str, ebuf));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:234:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Multiple auth method Error(%d):"
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:239:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Syntax Error(%d):"
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:244:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Syntax Error(%d):"
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:249:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(lineptr, "ACL Internal Error(%d):"
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:435:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl_gen_err_msg(int access, char *edn, char *attr, char **errbuf)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:439:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access & SLAPI_ACL_WRITE) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:443:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_ADD) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:447:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_DELETE) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:450:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    } else if (access & SLAPI_ACL_MODDN) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1290:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(patched, prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1291:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(patched, replace_with_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1292:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(patched, suffix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_acl.c:45:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    int access,         /* access rights */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_acl.c:50:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    switch (access) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_acl.c:61:55:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        return slapi_access_allowed(pb, e, attr, val, access);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1636:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "%s", "on");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1638:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "%s", "off");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.c:113:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(line + lcur, buf);                        \
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1929:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(tmpGrade, pCosSpecifier->val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2518:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
        snprintf(next_value, sizeof(next_value), "%" PRIu64, nextval);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2630:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
        snprintf(remaining_vals, sizeof(remaining_vals), "%" PRIu64,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2731:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(nextrange_value, sizeof(nextrange_value), "%" PRIu64 "-%" PRIu64,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2801:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(maxval_val, sizeof(maxval_val), "%" PRIu64, config_entry->next_range_upper);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2802:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(nextval_val, sizeof(nextval_val), "%" PRIu64, config_entry->next_range_lower);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4260:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(new_value, config_entry->prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4261:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(new_value, value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4263:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(new_value, value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4451:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
        snprintf(lowstr, sizeof(lowstr), "%" PRIu64, lower);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4452:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
        snprintf(highstr, sizeof(highstr), "%" PRIu64, upper);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4630:17:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
                snprintf(max_value, sizeof(max_value), "%" PRIu64, (*lower - 1));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:41:35:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define slapi_log_err(a, b, c, d) printf((c), (d))
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:543:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(reqBUF, HTTP_GET);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:545:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, path);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:547:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, HTTP_PROTOCOL);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:627:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(reqBUF, HTTP_POST);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:629:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, path);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:631:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, HTTP_PROTOCOL);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:633:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, HTTP_CONTENT_LENGTH);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:635:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, body_len_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:637:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(reqBUF, HTTP_CONTENT_TYPE_URL_ENCODED);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:643:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(reqBUF, httpheaderArray[i]->name);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:646:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(reqBUF, httpheaderArray[i]->value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:652:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(reqBUF, body);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:832:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(*path, dir, "/", url);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:834:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(*path, url);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:931:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(newstr, url + 7);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:936:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(newstr, url + 8);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptimpl.c:38:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buf->fixbuf, s);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/crypt_pwd.c:57:10:  [4] (crypto) crypt_r:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    cp = crypt_r(userpwd, dbpwd, &data);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/crypt_pwd.c:102:11:  [4] (crypto) crypt_r:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    cry = crypt_r(pwd, algo_salt, &data);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:62:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(saltstr, "%s%c%s%c%s", salt, 89, passwd, 247, salt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:185:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(enc, "%c%s%c", PWD_HASH_PREFIX_START, schemeName, PWD_HASH_PREFIX_END);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/sha_pwd.c:185:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(enc, "%c%s%c", PWD_HASH_PREFIX_START, schemeName,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ssha_pwd.c:139:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(enc, "%c%s%c", PWD_HASH_PREFIX_START, schemeName,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1709:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(*buff, str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:240:18:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                 strcpy(errortext, MSG_NOREPLICANORMRDN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:260:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(errortext, MSG_NOREPLICARDN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_total.c:57:22:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define BER_DEBUG(a) printf(a)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_updatedn_list.c:311:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(data->string, slapi_sdn_get_dn(dn));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_updatedn_list.c:312:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(data->string, data->delimiter);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:653:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(tmpref, "%s%s", referrals_to_set[ii], (need_slash ? "/" : ""));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.c:510:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(retrocl_aliases[i], pos + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:39:20:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    unsigned char *crypt;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:99:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                        sprintf(tmp, "%c%s-%s%c%s", PWD_HASH_PREFIX_START, scheme,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:106:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                        sprintf(tmp, "%c%s%c%s", PWD_HASH_PREFIX_START, scheme,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:173:40:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
        slapi_ch_free((void **)&store->crypt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:249:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((char *)pwitem->data, iv);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:263:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((char *)salt->data, iv);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:475:17:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    if (!store->crypt) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:491:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((char *)clear_with_padding, clear);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:500:42:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    rv = slapd_pk11_cipherOp(ctx, store->crypt, &outLen, store->length,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:517:23:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
        *out = store->crypt;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:387:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(fp, (tmp_config->attrs)[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:512:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(fp, requiredObjectClass);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:520:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(fp, attributes[0]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:542:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(fp, attributes[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:366:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(usn_berval.bv_val, USN_COUNTER_BUF_LEN, "%" PRIu64,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:706:17:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
                snprintf(usn_berval.bv_val, USN_COUNTER_BUF_LEN, "%" PRIu64,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:729:17:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
                snprintf(usn_berval.bv_val, USN_COUNTER_BUF_LEN, "%" PRIu64,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/vattrsp_template/vattrsp.c:375:27:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        thang.type_name = strcpy(thang.type_name, attr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ancestorid.c:305:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(p, "%s%s", (p != ndnstr) ? "," : "", rdns1[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:958:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(*out + strlen(*out), "%s hash: %lu slots, %d items (%d max "
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3574:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(tp, "dn: %s\n", slapi_entry_get_dn_const(*ep));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3610:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(tp, "%s: %s\n", attr_name, attr_val->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1399:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(s, "%" PRIu64, import_cache);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:2624:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(p, "%c%s%s", get_sep(dbNamep), a->ai_type, LDBM_FILENAME_SUFFIX);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2694:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(fullpathp, "%s/%s", inst_dirp, direntry->name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_misc.c:312:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(size_to_str, "%" PRIu64, db_size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_misc.c:371:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(size_to_str, "%" PRIu64, import_size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:29:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
        snprintf(tmp_atype, sizeof(tmp_atype), _attr, _x); \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:90:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, hits);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:92:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, tries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:94:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, (uint64_t)(100.0 * (double)hits / (double)(tries > 0 ? tries : 1)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:96:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:98:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, maxsize);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:100:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, nentries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:102:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRId64, maxentries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:109:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, hits);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:111:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, tries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:113:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, (uint64_t)(100.0 * (double)hits / (double)(tries > 0 ? tries : 1)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:115:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:117:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, maxsize);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:119:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, nentries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:121:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRId64, maxentries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:234:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buf, "%" PRIu64, cache_tries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:253:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, tries);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:255:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, hits);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:257:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, (tries - hits));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:259:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, (uint64_t)(100.0 * (double)hits / (double)(tries > 0 ? tries : 1)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:261:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, evicts);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:263:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:268:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
            sprintf(buf, "%" PRIu64, maxsize);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:271:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, thread_size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:273:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, slots);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:275:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:95:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "%s\n", dataversion);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:318:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buf, "%s%c%s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:325:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buf, "%s%c%s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:331:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buf, "%s", parent_dir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:335:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr, (u_long)thisID);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:512:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(bkey->dptr, "%c%s%lu", CONT_PREFIX, (char *)hkey->dptr, (u_long)b->b_ids[0]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:532:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fmt, "IDL_CHECK_FAILED - %s(%%s,%lu) %s: %s\n", func, (u_long)id, note, FORMAT); \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:694:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:701:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:761:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr, (u_long)idl->b_ids[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:824:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(kstr3, "%c%s%lu", CONT_PREFIX, (char *)key->dptr,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:955:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:1011:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:1023:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(kstr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:1589:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(contkey->dptr, "%c%s%lu", CONT_PREFIX, (char *)key->dptr, (u_long)id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:176:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu32, (uint32_t)((size_t)val));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:179:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, "%" PRIu64, (uint64_t)((uintptr_t)val));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:935:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(p, li->li_attrs_to_exclude_from_export[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:1987:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(newdn, olddns[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:1991:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(newdn, newsuperiordns[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/seq.c:145:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            key.size = sprintf(key.data, "%c%s", EQ_PREFIX, val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:112:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buffer, "%s", prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:116:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buffer + size + prefix_size, "%s", candidate_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:239:23:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            buffer += sprintf(buffer, "%s%s%s%s ",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1757:14:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        p += sprintf(p, "%d:%d:%s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:369:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(text + strlen(text), "'%s', ", pi->vlv_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:105:25:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                        strcpy(value, s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:580:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(bufptr, "%d:%s:%d:%d:%s%s:%s:%s:%" PRIu64 ":ip=%s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:604:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(buf, sizeof(buf), "%" PRIu64, slapi_counter_get_value(num_conns));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:609:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(buf, sizeof(buf), "%" PRIu64, slapi_counter_get_value(conns_in_maxthreads));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:614:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(buf, sizeof(buf), "%" PRIu64, slapi_counter_get_value(max_threads_count));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:108:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(name, "%s_%s_%s", counters[i].qname, counters[i].rname, counters[i].description);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:110:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(value, "%d -> %d (%s%d)",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1982:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(dn_str, tpl);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1983:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(dn_str, base);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1985:17:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
                sprintf(auth_dn, dn_str, gid, uid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1498:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(p, attrtype);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1509:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(p, DELETED_ATTR_STRING);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1513:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(p, DELETED_VALUE_STRING);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2996:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(value, "%" PRIu64, l);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:424:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(*fstr, ftmp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:472:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(*fstr, "(%s=", f->f_sub_type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:503:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(*fstr, eval);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:518:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(*fstr, eval);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:536:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(*fstr, eval);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1307:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "(%s%s%.*s)", f->f_ava.ava_type, operator,(int) f->f_ava.ava_value.bv_len,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1317:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "(%s=", f->f_sub_type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1325:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf(buf, "%s", f->f_sub_initial);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1335:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                        sprintf(buf, "*%s", f->f_sub_any[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1345:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf(buf, "*%s", f->f_sub_final);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1362:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "(%s=*)", f->f_type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1392:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "(%s%s%s%s%s%.*s)", f->f_mr_type, f->f_mr_dnAttrs ? ":dn" : "",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1288:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(dnbuf + 3, binddn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:163:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(DN, RDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:166:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(DN, DNS);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:168:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(DN, RDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:172:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(DN, DNS);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:233:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(c, "cn=ldap://%s:%d", host ? host : "", config_get_port());
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2564:17:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    if ((vlen = vsnprintf(vbuf, SLAPI_LOG_BUFSIZ, fmt, ap)) == -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:392:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, usagestr, name, extraname, extraspace);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:432:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(buf, u.release);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:453:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(buf, rp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:469:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(SLAPD_VENDOR_NAME "\n%s B%s\n", versionstring, buildnum);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:881:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(rundir, R_OK | W_OK)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1486:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(p, optarg_ext);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2258:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                        sprintf(my_ldiffile, "%s_%s", *instp, mcfg->archive_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2262:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                        sprintf(my_ldiffile, "%s%c%s_%s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2828:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(p, slapd_debug_level_map[i].dle_string);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:59:18:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    val.bv_len = snprintf(buf, sizeof(buf), "%" PRIu64, g_get_active_threadcnt());
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:65:18:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    val.bv_len = snprintf(buf, sizeof(buf), "%" PRIu64, slapi_counter_get_value(ops_initiated));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:69:18:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    val.bv_len = snprintf(buf, sizeof(buf), "%" PRIu64, slapi_counter_get_value(ops_completed));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:73:18:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    val.bv_len = snprintf(buf, sizeof(buf), "%" PRIu64, g_get_num_entries_sent());
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:77:18:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    val.bv_len = snprintf(buf, sizeof(buf), "%" PRIu64, g_get_num_bytes_sent());
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:370:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(fmtstr, SLAPD_SEARCH_FMTSTR_CONN_OP);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:373:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(fmtstr, SLAPD_SEARCH_FMTSTR_CONN_OP_INT_INT);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:375:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(fmtstr, SLAPD_SEARCH_FMTSTR_CONN_OP_EXT_INT);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:378:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(fmtstr, LOG_ACCESS_FORMAT_BUFSIZ(normbase, " SRCH base=\"", SLAPD_SEARCH_BUFPART));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:379:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(fmtstr, LOG_ACCESS_FORMAT_BUFSIZ(fstr, "\" scope=%d filter=\"", SLAPD_SEARCH_BUFPART));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:380:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(fmtstr, LOG_ACCESS_FORMAT_ATTR_BUFSIZ(attrliststr, "\" attrs=", SLAPD_SEARCH_BUFPART));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:381:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(fmtstr, SLAPD_SEARCH_FMTSTR_REMAINDER);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:646:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(names_list, p->plg_pwdstorageschemename);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:22:58:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
acl_default_access(Slapi_PBlock *pb, Slapi_Entry *e, int access)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:37:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (rootdse && (access & (SLAPI_ACL_READ | SLAPI_ACL_SEARCH)))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:44:96:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
plugin_call_acl_plugin(Slapi_PBlock *pb, Slapi_Entry *e, char **attrs, struct berval *val, int access, int flags, char **errbuf)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:62:66:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
            rc = (*p->plg_acl_access_allowed)(pb, e, attrs, val, access, flags, errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:69:40:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        rc = acl_default_access(pb, e, access);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:206:92:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
slapi_access_allowed(Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:211:55:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    return (plugin_call_acl_plugin(pb, e, attrs, val, access, ACLPLUGIN_ACCESS_DEFAULT, NULL));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:66:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            fprintf(stderr, ERROR_WRITING_LOCKFILE, lockfile);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:75:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, ERROR_ACCESSING_LOCKFILE, lockfile);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:89:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, ERROR_WRITING_LOCKFILE, lockfile);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:106:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, LOCKFILE_DEAD_OWNER, lockfile, owning_pid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:112:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, UNABLE_TO_GET_LOCKFILE, lockfile);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:119:17:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                fprintf(stderr, LOCKFILE_ALREADY_OWNED, owning_pid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/proto-slap.h:807:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/proto-slap.h:978:100:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int plugin_call_acl_plugin(Slapi_PBlock *pb, Slapi_Entry *e, char **attrs, struct berval *val, int access, int flags, char **errbuf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:356:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*urlp, p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:489:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(buf, text);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:495:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(buf, urls[i]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:2023:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(csn_str, " csn=%s", csn_as_string(operationcsn, PR_FALSE, tmp_csn_str));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:162:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(val.bv_val, "%s:%s", be_name, base);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:169:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 5, 6)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1471:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    outp += sprintf(outp, "( %s NAME ", asip->asi_oid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1474:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        outp += sprintf(outp, "'%s' ", asip->asi_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1477:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        outp += sprintf(outp, "( '%s' ", asip->asi_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1479:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            outp += sprintf(outp, "'%s' ", asip->asi_aliases[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1486:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        outp += sprintf(outp, "DESC '%s'", attr_desc);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1601:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(sew->psbSyntaxDescription->buffer, "( %s )", oid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1606:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(sew->psbSyntaxDescription->buffer, "( %s DESC '%s' )",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1749:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(psbObjectClasses->buffer, "( %s NAME '%s'", (oc->oc_oid) ? oc->oc_oid : "", oc->oc_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1758:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(psbObjectClasses->buffer, oc_description);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1765:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(psbObjectClasses->buffer, schema_obsolete_with_spaces);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1779:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(psbObjectClasses->buffer, (enquote_sup_oc ? "'" : ""));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1780:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(psbObjectClasses->buffer, ((oc->oc_superior && *oc->oc_superior) ? oc->oc_superior : "top"));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1781:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(psbObjectClasses->buffer, (enquote_sup_oc ? "'" : ""));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1792:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(psbObjectClasses->buffer, schema_oc_kind_strings_with_spaces[oc->oc_kind]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1822:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(psbMatchingRule->buffer,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1832:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(psbMatchingRule->buffer, "( %s ", mrl->mr_entry->mr_oid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1835:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(p, "NAME '%s' ", mr_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1839:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(p, "DESC '%s' ", mr_desc);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1842:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(p, "SYNTAX %s )", mrl->mr_entry->mr_syntax);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2476:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
        sscanf(attr_ldif, "%s name %s syntax %s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2697:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(psbOcName->buffer, pnew_oc->oc_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2698:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(psbOcOid->buffer, pnew_oc->oc_oid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4433:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            count = sprintf(outp, "%s'%s%s' ", tag, oid, suffix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4435:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            count = sprintf(outp, "%s%s%s ", tag, oid, suffix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4464:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(p, "%s %s ", prefix, oids[0]); /* just one oid */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4466:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(p, "%s ( ", prefix); /* oidlist */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4471:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(p, oids[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4517:22:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                p += sprintf(p, "%s '%s' ", prefix, qdlist[0]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4519:22:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                p += sprintf(p, "%s (", prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4521:26:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    p += sprintf(p, " '%s'", qdlist[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5132:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(oc_str, "( %s NAME '%s'", (oc->oc_oid) ? oc->oc_oid : "", oc->oc_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5137:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(oc_str, oc->oc_desc);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5144:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(oc_str, oc->oc_superior);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5149:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(oc_str, schema_oc_kind_strings_with_spaces[oc->oc_kind]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5158:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(oc_str, oc->oc_orig_required[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5170:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(oc_str, oc->oc_orig_allowed[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:40:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 3, 4)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:47:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 1, 2)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:54:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:61:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:5419:96:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
int slapi_access_allowed(Slapi_PBlock *pb, Slapi_Entry *e, char *attr, struct berval *val, int access);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:5811:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 1, 2)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:6033:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 3, 4)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:6661:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-plugin.h:6668:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:668:9:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    int system;       /* marks this index as system */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:104:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
            sscanf(s + prefix_len, "%" SCNu64, dest);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:107:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
            sscanf(s, "%" SCNu64, dest);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:711:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(value, sizeof(value), "%" PRIu64, countervalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:953:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
        sscanf(sline,"%d %d %d:%d %s %s %s\n",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1117:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(cert8db_file_name, F_OK) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1122:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(cert9db_file_name, F_OK) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1127:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(key3db_file_name, F_OK) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1132:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(key4db_file_name, F_OK) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1137:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(secmoddb_file_name, F_OK) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1142:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (access(pkcs11txt_file_name, F_OK) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/strdup.c:27:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p, s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:241:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(newbuf, task->task_log + i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:255:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(task->task_log, buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:306:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(newbuf, task->task_log + i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:321:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(task->task_log, buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:1139:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf(this_ldif_file, "%s_%s", *inp, ldif_file);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:1145:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf(this_ldif_file, "%s%c%s_%s",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:36:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s, dir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:39:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(s, pfx);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:42:5:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    mktemp(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testextendedop.c:98:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(retval, "%s%s", msg, bval->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpreop.c:130:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(tmp + 4, s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:133:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stdout, fmt, ap);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:143:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stdout, fmt, ap);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:83:18:  [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all,
  because some program messed up the utmp file. Often, it gives only the
  first 8 characters of the login name. The user currently logged in on the
  controlling tty of our program need not be the user who started it. Avoid
  getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
  and extract the desired information instead.
    if ((login = getlogin()) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:336:20:  [4] (misc) getpass:
  This function is obsolete and not portable. It was in SUSv2 but removed by
  POSIX.2. What it does exactly varies considerably between systems,
  particularly in where its prompt is displayed and where it gets its data
  (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations
  overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do
  exactly what you want. If you continue to use it, or write your own, be
  sure to zero the password as soon as possible to avoid leaving the
  cleartext password visible in the process' address space.
    pass = (char *)getpass(prompt);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool.h:57:28:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
#define LDAPTOOL_MKTEMP(p) mktemp(p)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool.h:117:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, fmt, arg1, arg2, arg3);   \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:144:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(mctx.images[mctx.imagesNb - 1].name, fileName);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:171:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tttctx->bufPasswd, &(mctx.rndBindDlf->str[num][i]));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:889:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, field->cst);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:902:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, field->dlf->str[num]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:904:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], field->dlf->str[num]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:920:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, field->dlf->str[num]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:922:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:936:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:938:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:955:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:957:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:961:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, field->dlf->str[num]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:963:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], field->dlf->str[num]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:967:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:969:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:973:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:975:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(object->var[field->var], tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:985:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(attrib->buf, object->var[field->var]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1060:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(tttctx->bufFilter, tttctx->object->rdnName);                 /*JLS 23-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1062:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(tttctx->bufFilter, buf);                                     /*JLS 23-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1081:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(tttctx->bufFilter, mctx.randomTail);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1111:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(tttctx->bufFilter, mctx.randomTail);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1318:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(newDn, tttctx->bufFilter);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1320:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newDn, tttctx->bufBaseDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1381:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(newDn, tttctx->bufFilter);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1383:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newDn, tttctx->bufBaseDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1438:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tttctx->bufObject1, tttctx->buf2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1492:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(newDn, tttctx->bufFilter);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1494:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newDn, tttctx->bufBaseDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:688:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "(%s)", my_ldap_err2string(i));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:696:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buf, "(%s)", my_ldap_err2string(-i));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:911:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(*tail, &(src[j]));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2195:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(argvList, argv[0]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2199:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(argvList, argv[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2202:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(argvList, argv[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2239:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(verStr, "ldclt version %s", ldcltVersion); /*JLS 13-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2582:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr,                                             /*JLS 03-05-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repcheck.c:78:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(result->dn, pendops[i].dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c:170:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(result->dn, pendops[i].dn + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:507:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filter, "(%s=*)", attname);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:834:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(tttctx->bufFilter, mctx.filter);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:837:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(tttctx->bufFilter, mctx.randomHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:838:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(&(tttctx->bufFilter[tttctx->startRandom + mctx.randomNbDigit]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:861:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(tttctx->bufBaseDN, mctx.baseDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:864:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(tttctx->bufBaseDN, mctx.baseDNHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:865:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(&(tttctx->bufBaseDN[tttctx->startBaseDN + mctx.baseDNNbDigit]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:883:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(tttctx->bufBindDN, mctx.bindDN);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:886:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(tttctx->bufBindDN, mctx.bindDNHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:887:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(&(tttctx->bufBindDN[tttctx->startBindDN + mctx.bindDNNbDigit]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:907:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(tttctx->bufPasswd, mctx.passwd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:910:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(tttctx->bufPasswd, mctx.passwdHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:911:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(&(tttctx->bufPasswd[tttctx->startPasswd + mctx.passwdNbDigit]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:940:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(tttctx->bufSaslAuthid, mctx.sasl_authid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:943:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(tttctx->bufSaslAuthid, mctx.sasl_authid_head);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:944:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(&(tttctx->bufSaslAuthid[tttctx->startSaslAuthid + mctx.sasl_authid_nbdigit]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:961:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(tttctx->bufAttrpl, mctx.attrplHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:962:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(&(tttctx->bufAttrpl[tttctx->startAttrpl + mctx.attrplNbDigit]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:48:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
#define EXISTS(_fn) access(_fn, F_OK)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:69:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(r, orig);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:428:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(value, s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1092:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(p, a[ii]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:440:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(path, STATE_FILE);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:137:25:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                    if (access(agent_logdir, W_OK) < 0) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:155:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat((char *)log_hdl->token, LDAP_AGENT_LOGFILE);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:297:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(pidfile, LDAP_AGENT_PIDFILE);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:332:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(agentx_master, p);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:344:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(agent_logdir, p);
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:308:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buf, "/usr/bin/adb %s %s >>%s", pf, cf, ofname);
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:310:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buf, "/usr/bin/adb %s %s", pf, cf);
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:313:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    p = popen(buf, "w");
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:148:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(line, hname);
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:150:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(&line[hnlen+1], domain);
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:775:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(certFilter, "%s=%s", certmap_info->searchAttr, subjectDN);
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:666:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(heap, db->dbname);
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:134:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(*filter, "mail=%s", e_val[0]);
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:139:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(*ldapDN, "cn=%s, ou=%s, o=%s, c=%s", cn_val[0], ou_val,
data/389-ds-base-1.4.4.8/lib/ldaputil/init.c:109:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(dir, "%s%clib%c%s", serv_root, FILE_PATHSEP,
data/389-ds-base-1.4.4.8/lib/ldaputil/init.c:118:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf(dir, "%s%clib%c%s", serv_root, FILE_PATHSEP,
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:1003:7:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
						printf( _POP_, *acl_ps,
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:93:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(token, netmaskstr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:113:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(token, ipstr);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:155:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(end, dash+1);
data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.cpp:666:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(&rarray_p->right[0], *rights);
data/389-ds-base-1.4.4.8/lib/libadmin/error.c:79:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stdout, (wait) ? "confirm(\"" : "alert(\"");
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:43:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(result, "/tmp/lock.%%s.%s", port);
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:149:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dbfile, DATABASE_NAME);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:31:34:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
OpenTextFile(char *filename, int access)
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:101:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(linebuf, p);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:110:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(linebuf, txtfile->fbCurrent);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:122:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(linebuf, p);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:125:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(linebuf, txtfile->fbCurrent);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.h:48:44:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
TEXTFILE *OpenTextFile(char *filename, int access);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/config.c:201:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buff + lcur, line);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:112:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(newdn, newrdn);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:114:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(newdn, pdn);
data/389-ds-base-1.4.4.8/src/libsds/sds/core/utils.c:24:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)))
data/389-ds-base-1.4.4.8/src/libsds/sds/core/utils.c:30:5:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vprintf(msg, subs);
data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_bpt.c:890:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(ptr, "%03" PRIu64, i);
data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_bpt.c:902:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(ptr, "%03" PRIu64, i);
data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_set.c:36:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(ptr, "%03" PRIu64, i);
data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_set.c:311:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(ptr, "%03" PRIu64, i);
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:69:18:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
  unsigned char *crypt;
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:168:19:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
      if (!store->crypt) { err = SVRCORE_NoMemory_Error; break; }
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:183:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy((char *)plain, pin);
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:194:40:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
        rv = PK11_CipherOp(ctx, store->crypt, &outLen, store->length,
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:242:14:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
  if (store->crypt)
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:244:19:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    memset(store->crypt, 0, store->length);
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:245:17:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    free(store->crypt);
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:269:19:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
           store->crypt, store->length);
data/389-ds-base-1.4.4.8/test/libslapd/schema/filter_validate.c:53:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fdup, fstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:768:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("SLAPD_TEST_TICKET_374") && (opid > 20)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1435:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("WINSYNC_USE_DS")) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_private.c:1112:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("WINSYNC_USE_DS")) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:552:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("MIGRATE_BROKEN_PWD")) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:557:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if (getenv("MIGRATE_BROKEN_PWD")) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1308:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
            if (getenv(TXN_TESTING)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3108:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->hold_msec = getenv(TXN_TEST_HOLD_MSEC) ? atoi(getenv(TXN_TEST_HOLD_MSEC)) : 200;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3108:56:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->hold_msec = getenv(TXN_TEST_HOLD_MSEC) ? atoi(getenv(TXN_TEST_HOLD_MSEC)) : 200;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3109:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->loop_msec = getenv(TXN_TEST_LOOP_MSEC) ? atoi(getenv(TXN_TEST_LOOP_MSEC)) : 10;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3109:56:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->loop_msec = getenv(TXN_TEST_LOOP_MSEC) ? atoi(getenv(TXN_TEST_LOOP_MSEC)) : 10;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3110:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->flags = getenv(TXN_TEST_USE_RMW) ? DB_RMW : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3111:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->use_txn = getenv(TXN_TEST_USE_TXN) ? 1 : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3112:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv(TXN_TEST_INDEXES)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3113:42:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        indexlist_copy = slapi_ch_strdup(getenv(TXN_TEST_INDEXES));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3119:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cfg->verbose = getenv(TXN_TEST_VERBOSE) ? 1 : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3124:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                  getenv(TXN_TEST_INDEXES) ? getenv(TXN_TEST_INDEXES) : indexlist);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3124:46:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                  getenv(TXN_TEST_INDEXES) ? getenv(TXN_TEST_INDEXES) : indexlist);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:475:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("USE_VALGRIND") || slapi_is_loglevel_set(SLAPI_LOG_CACHE)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/tools/index_dump/index_dump.c:38:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((ch = getopt(argc, argv, "df:h:p")) != EOF)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c:2998:15:  [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some
  implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
  destination buffer is at least of size MAXPATHLEN, andto protect against
  implementation problems, the input argument should also be checked to
  ensure it is no larger than MAXPATHLEN.
        res = realpath(full_path, NULL);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:38:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        opt_str = getenv("NS_DS_OPT_FILT_ACL_EVAL");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/getopt_ext.c:224:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    retVal = getopt(optind_last, argv, optstring);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:833:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *saslpath = getenv("SASL_PATH");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1896:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("HACK_PRINCIPAL_NAME") &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1897:36:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        (rc = krb5_parse_name(ctx, getenv("HACK_PRINCIPAL_NAME"), &princ))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1901:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                      getenv("HACK_PRINCIPAL_NAME"),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:532:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *m = getenv("SLAPD_MXFAST");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:552:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        char *s = getenv("DEBUG_SLEEP");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:598:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *notify = getenv("NOTIFY_SOCKET");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3152:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    } else if (getenv("LDAP_SCHEMA_ALLOW_QUOTED")) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3535:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    } else if (getenv("LDAP_SCHEMA_ALLOW_QUOTED")) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:18:7:  [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
char *tempnam(char *dir, char *pfx);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:21:1:  [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
tempnam(char *dir, char *pfx)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1153:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((c = getopt(argc, argv, "f:Rl:nG:srk:K:hvt:")) != EOF) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:146:12:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    num = (lrand48() % mctx.rndBindDlf->strNb);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:960:20:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            num = (lrand48() % field->dlf->strNb);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2307:23:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((opt_ret = getopt(argc, argv,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repcheck.c:107:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((i = getopt(argc, argv, "p:")) != EOF) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c:230:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((i = getopt(argc, argv, "tdP:s:")) != EOF) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/srv.c:67:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((i = getopt(argc, argv, "p:")) != EOF) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/utils.c:43:23:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define ldcltrand48() lrand48()
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:147:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((i = getopt(argc, argv, opts)) != EOF) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:238:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand((int)time(NULL)); /* schemes such as crypt use random salt */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:809:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *use_broken_uuid = getenv("USE_BROKEN_UUID");
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:57:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        char *s = getenv("DEBUG_SLEEP");
data/389-ds-base-1.4.4.8/lib/libadmin/template.c:49:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                  getenv("SERVER_URL"), server, topic,
data/389-ds-base-1.4.4.8/lib/libadmin/template.c:50:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                  getenv("SERVER_URL"), server, topic,
data/389-ds-base-1.4.4.8/lib/libadmin/template.c:62:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    tmp = STRDUP(getenv("SCRIPT_NAME"));
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:41:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *port = getenv("SERVER_PORT");
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:136:24:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        char *cookie = getenv("HTTP_COOKIE");
data/389-ds-base-1.4.4.8/include/public/nsacl/nserrdef.h:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ef_errv[NSERRMAXARG]; /* arguments for formatting error message */
data/389-ds-base-1.4.4.8/ldap/include/portable.h:255:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char GETHOSTBYADDR_buf_t[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/include/portable.h:308:29:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SAFEMEMCPY(d, s, n) bcopy(s, d, n)
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:35:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[10];
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:36:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acct_usability/acct_usability.c:340:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char dn[128];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:40:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *ds_map_generic[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:694:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char acl_info[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:2101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res_right_str[128];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:2175:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char logbuf[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:2906:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *testRights[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:4150:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *testRight[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclinit.c:186:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {"aci", NULL};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ip_str[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:362:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[PR_NETDB_BUF_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:523:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:611:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char line[200];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:782:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1005:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {LDAP_ALL_USER_ATTRS, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1212:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    levels[numOflevels++] = atoi(word);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1307:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1425:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {LDAP_ALL_USER_ATTRS, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1476:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    levels[numOflevels++] = atoi(word);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1876:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(buf, "<nil>");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1878:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(buf, "->");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1886:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1898:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(&(buf[len]), "\nmemberinfo[%d]-[%d]:", info->c_idx, info->lu_idx);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1902:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(&buf[len], "\n  [%d]: ", i);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1907:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "evaluated candidate [%d]=", idx);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1910:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(buf, "ACL_TRUE\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1913:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(buf, "ACL_FALSE\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1916:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(buf, "ACL_DONT_KNOW\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1920:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(&(buf[len]), "%d\n", info->result);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1957:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[5];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:2623:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        levels[numOflevels++] = atoi(word);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:2703:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:2876:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *attrs[3];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:2950:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:3007:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:3569:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(hostport, tmpp, hostport_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:4480:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllist.c:725:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(aclpb->aclpb_handles_index, aclpb->aclpb_base_handles_index,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:904:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(acestr, tmp_str, len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:944:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(acestr, d_rule, len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:945:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(acestr + len, tmp_str, strlen(tmp_str));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1641:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char line[100];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1845:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(str, start, len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:92:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ptr, src, slen);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:107:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msgbuf[ACLUTIL_ACLLIB_MSGBUF_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:126:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:168:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[BUFSIZ + 200];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:169:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:207:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(lineptr, "ACL Internal Error(%d): "
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:276:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "compare ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:280:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "search ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:284:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "read ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:288:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "write ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:292:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "delete ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:296:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "add ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:300:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "self ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:304:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "proxy ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:322:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_DN ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:326:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_attr ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:330:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_patt ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:334:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "targetattrfilters ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:338:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_filter ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:342:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "acltxt ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:346:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_not ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:350:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_attr_not ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:354:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "target_filter_not ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:359:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "allow_rule ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:363:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "deny_rule ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:374:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "userdn ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:378:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "userdnattr ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:382:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "userattr ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:386:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "groupdn ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:390:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "groupdnattr ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:394:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "roledn ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:398:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "ip ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:402:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "dns ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:406:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "timeofday ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:410:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "dayofweek ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:414:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "authmethod ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:418:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "paramdn ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:422:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "paramAttr ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:426:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(p, "ssf ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:479:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1344:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ret_comp, &dn[start_next], i - start_next);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1377:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret_comp, &dn[*index], i - *index);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/automember/automember.c:1628:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/automember/automember.c:2087:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errtxt[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/automember/automember.c:2953:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errtxt[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:36:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_string[CB_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char defaultDn[CB_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:379:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:417:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:460:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:499:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_conn_stateless.c:422:57:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                                int password_expiring = atoi(serverctrls[i]->ldctl_value.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:374:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:407:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:498:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char retmsg[CB_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:542:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1615:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%d", (int)((uintptr_t)config->config_get_fn(arg)));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1618:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%o", (int)((uintptr_t)config->config_get_fn(arg)));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1621:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%ld", (long)((uintptr_t)config->config_get_fn(arg)));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1662:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[CB_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[CB_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:107:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", addcount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:112:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", deletecount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:117:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", modifycount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:122:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", modrdncount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:127:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", searchbasecount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:132:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", searchonelevelcount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:137:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", searchsubtreecount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:142:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", abandoncount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:147:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", bindcount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:152:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", unbindcount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:157:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", comparecount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:162:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%u", outgoingconn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:167:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%u", outgoingbindconn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_utils.c:251:13:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return (atol(str) * multiplier);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:78:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            switch (atoi(cargv[4])) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:97:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            switch (atoi(cargv[5])) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:115:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char descStr[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:116:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char nameOrder[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:117:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char nameSubstring[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:118:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char oidString[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:123:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(nameOrder, "caseIgnoreOrderingMatch");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:124:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(nameSubstring, "caseIgnoreSubstringMatch");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:126:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(nameOrder, "caseExactOrderingMatch");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:127:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(nameSubstring, "caseExactSubstringMatch");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:297:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char keyBuffer[128]; /* try to use static space buffer to avoid malloc */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:340:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(bk->bv_val, prefix->bv_val, prefixLen);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/collate.c:342:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(bk->bv_val + prefixLen, key, realLen);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.c:94:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.c:154:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *cargv[MAXARGS];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.c:157:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(fname, "r");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:366:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(val->bv_val, s, len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:466:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(key->bv_val, keys[0]->bv_val, keys[0]->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:542:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                op = atoi(mrOID + oidlen - 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:554:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(&bv, mrVALUE, sizeof(struct berval));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:766:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&(substrings[substringsLen - 1]), &substring, sizeof(struct berval));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:841:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&(substrings[substringsLen - 1]), &substring, sizeof(struct berval));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:925:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(or->or_oid, or->or_indexer->ix_oid, len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:926:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf(or->or_oid + len, ".%1i", SLAPI_OP_SUBSTRING);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:982:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                atoi(mrOID + oidlen - 1) == SLAPI_OP_SUBSTRING) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:991:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(ss->ss_oid, ix->ix_oid, oidlen);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:992:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf(ss->ss_oid + oidlen, ".%1i", SLAPI_OP_SUBSTRING);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:612:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1926:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char tmpGrade[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1930:21:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                    strcat(tmpGrade, "-default");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1963:36:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            theTemp->cosPriority = atol(cosPriority->val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:2616:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char **pppAttrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:3353:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/deref/deref.c:710:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        const char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:1183:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:1540:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[4];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:1809:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[7];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2469:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2471:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char next_value[22] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2624:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2626:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char remaining_vals[22];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2658:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char bind_meth[DNA_REMOTE_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2659:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char conn_prot[DNA_REMOTE_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2725:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2727:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nextrange_value[44];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2792:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *maxval_vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2793:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *nextval_vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2794:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *nextrange_vals[1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2796:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char maxval_val[22];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2797:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nextval_val[22];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2879:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[3];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2969:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[6];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4447:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char lowstr[22];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4448:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char highstr[22];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4552:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4554:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char max_value[22];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:213:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[PR_NETDB_BUF_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:328:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[HTTP_DEFAULT_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:336:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[HTTP_DEFAULT_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:337:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[HTTP_DEFAULT_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:387:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    retcode = atoi(tmp);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:548:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(reqBUF, "\r\n\r\n\0");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:589:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char body_len_str[20];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:632:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(reqBUF, "\r\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:636:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(reqBUF, "\r\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:638:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(reqBUF, "\r\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:644:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(reqBUF, ": ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:647:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(reqBUF, "\r\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:650:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(reqBUF, "\r\n");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/fixup_task.c:342:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/fixup_task.c:388:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/fixup_task.c:413:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *targetdn = (char *)targets[i];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/linkedattrs/linked_attrs.c:1410:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:565:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *groupattrs[2] = {0, 0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:592:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1003:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *groupattrs[2] = {0, 0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1037:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *delval[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1038:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *addval[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1108:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1474:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1475:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:2441:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {config->memberof_attr, 0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:3292:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof_config.c:100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof_config.c:886:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:1437:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *oc_vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:1438:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *pointer_vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:1520:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:2518:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char errtxt[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:2689:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *vals[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:2710:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *vals2[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:2906:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char errtxt[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptimpl.c:29:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fixbuf[MY_STATIC_BUF_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptimpl.c:132:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(str, bv->bv_val, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptpreop.c:533:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-winsync-config.c:149:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-winsync.c:276:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char acctvalstr[32];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/crypt_pwd.c:69:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char salt[3];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5.h:60:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[64]; /* input buffer */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:37:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash_out[MD5_HASH_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char b2a_out[MD5_HASH_LEN * 2]; /* conservative */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:75:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash_out[MD5_HASH_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:76:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char b2a_out[MD5_HASH_LEN * 2]; /* conservative */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5c.c:67:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char PADDING[64] = {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5c.c:167:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void mta_MD5Final(digest, context) unsigned char digest[16]; /* message digest */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5c.c:170:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bits[8];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5c.c:197:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char block[64];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5c.c:341:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        ((char *)output)[i] = (char)value;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:55:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[16];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mta_hash[33];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:77:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mta_salt[33];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[65];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iterations, hash_in, PBKDF2_ITERATIONS_LENGTH);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:129:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(hash_out, result->data, result->len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:147:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hash[PBKDF2_TOTAL_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:153:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char salt[PBKDF2_SALT_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:171:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hash, &iterations, PBKDF2_ITERATIONS_LENGTH);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:173:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hash + PBKDF2_ITERATIONS_LENGTH, saltItem.data, PBKDF2_SALT_LENGTH);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:204:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dbhash[PBKDF2_TOTAL_LENGTH] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:205:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char userhash[PBKDF2_HASH_LENGTH] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:244:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *results[PBKDF2_BENCH_LOOP] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/sha_pwd.c:49:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char userhash[MAX_SHA_HASH_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/sha_pwd.c:50:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char quick_dbhash[MAX_SHA_HASH_SIZE + SHA_SALT_LENGTH + 3];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/sha_pwd.c:140:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hash[MAX_SHA_HASH_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char userhash[MD5_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c:40:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char quick_dbhash[MD5_LENGTH + MD5_DEFAULT_SALT_LENGTH + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c:99:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash_out[MD5_LENGTH + MD5_DEFAULT_SALT_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c:100:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char b2a_out[(MD5_LENGTH * 2) + (MD5_MAX_SALT_LENGTH * 2)]; /* conservative */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ssha_pwd.c:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hash[MAX_SHA_HASH_SIZE + SHA_SALT_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:376:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            tmp_config->delay = atoi(argv[0]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:744:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *values_del[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:745:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *values_add[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:938:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *values_del[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1083:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1365:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char thisline[MAX_LINE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1484:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[READ_BUFSIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1552:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[MAX_LINE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1423:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1509:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pos, &t, sizeof(t));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1591:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1623:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&thetime, pos, sizeof(thetime));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1768:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*buff, &count, sizeof(count));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1812:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pos, &count, sizeof(count));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1879:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&mod_count, *buff, sizeof(mod_count));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1922:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&val_count, pos, sizeof(val_count));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1944:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char encstr[128];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1950:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(ptr, "%x", 0xff & bv.bv_val[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1953:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(ptr, "...");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2035:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&net_length, *buff, sizeof(net_length));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2042:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(bv->bv_val, *buff, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2058:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*buff, &net_length, sizeof(net_length));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2060:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*buff, bv->bv_val, length);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2077:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&count, pos, sizeof(count));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2129:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pos, &net_count, sizeof(net_count));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2594:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char strCSN[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2762:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:2832:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3129:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3188:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char strCSN[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3536:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3554:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3632:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3904:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:4173:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:4510:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    return open;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:626:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char prevmax[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:627:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char local[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:628:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char curr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:629:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char conmaxcsn[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:686:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char prevmax[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:687:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char local[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:688:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char curr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:689:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char conmaxcsn[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:748:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf_cur_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:847:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char consumer[24] = {'\0'};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:848:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char local[24] = {'\0'};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_clcache.c:849:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char current[24] = {'\0'};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_config.c:268:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr = (char *)mods[i]->mod_type;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_config.c:269:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[j]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_config.c:278:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        config.maxEntries = atoi(config_attr_value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_config.c:413:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        config->maxEntries = atoi(arg);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_init.c:180:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fullpath[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:110:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bkDir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:356:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ldifFile[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:571:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cl_dir[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:643:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dn[DN_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:685:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dn[DN_SIZE], newrdn[64];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:112:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:147:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:272:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:296:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/csnpl.c:420:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char primcsn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/profile.c:38:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAX_FILENAME];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char last_update_status[STATUS_LEN];   /* Status of last update. Format = numeric code <space> textual description */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char last_update_status_json[STATUS_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:105:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char last_init_status[STATUS_LEN]; /* Status of last total init. Format = numeric code <space> textual description */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:106:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char last_init_status_json[STATUS_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:258:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errormsg[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:471:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char hostname[128];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:706:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:799:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:800:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char unavail_buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:1012:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(return_value->bv_val, ra->creds->bv_val, ra->creds->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:1027:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(return_value->bv_val, ra->bootstrapCreds->bv_val, ra->bootstrapCreds->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:1592:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2609:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ts[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2692:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ts[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2708:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char unknown_connrc[100] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2842:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_buf[32]; /* 5 digit RID, 10 digit each replayed and skipped */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2868:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char changecount_string[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2912:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char status_msg[STATUS_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2913:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ts[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2984:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ridstr, bvals[0]->bv_val, bvals[0]->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2986:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            agmt->consumerRID = atoi(ridstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3232:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char maxcsn[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3355:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        rid = atoi(token);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3373:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3438:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3439:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char unavail_buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmtlist.c:253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmtlist.c:590:32:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    ptimeout = atol(val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:901:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1614:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localcsnstr[CSN_STRSIZE + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1615:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char remotecnsstr[CSN_STRSIZE + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1668:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char remotecsnstr[CSN_STRSIZE + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1669:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(remotecsnstr, remote_schema_csn_bervals[0]->bv_val,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1697:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *csnvalues[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1913:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        int password_expiring = atoi(ctrls[i]->ldctl_value.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1964:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        s_debug_timeout = atoi(val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1966:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            s_debug_level = atoi(p + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:2002:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:2010:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%d", 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:2020:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:2023:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%d", s_debug_level);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_inc_protocol.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_inc_protocol.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uniqueid[UIDSTR_SIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_inc_protocol.c:1281:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE]; /* For logging only */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_inc_protocol.c:1676:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_init.c:221:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char opcsnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_init.c:660:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_string[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:91:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *host = (char *)slapi_entry_attr_get_ref(entries[0], "nsslapd-localhost");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:92:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *port = (char *)slapi_entry_attr_get_ref(entries[0], "nsslapd-port");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:93:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *sslport = (char *)slapi_entry_attr_get_ref(entries[0], "nsslapd-secureport");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:151:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:247:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:321:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:398:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:561:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:1065:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:1102:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csn_str[CSN_STRSIZE] = {'\0'};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:1161:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:1234:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char csn_str[CSN_STRSIZE] = {'\0'};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:1361:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_plugins.c:1416:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:125:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:491:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:828:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:1791:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *attrs[4];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:1845:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2179:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                rid = atoi(token);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2207:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                if (!atoi(token)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2290:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                rid = atoi(token);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2310:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                if (!atoi(token)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2467:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3036:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3037:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char purge_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3146:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3147:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tombstone_filter[128];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3335:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3430:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char csn_str[CSN_STRSIZE]; /* For logging only */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3991:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char opcsnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3992:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char basecsnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:3993:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char opcsn2str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:329:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:390:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            config_attr = (char *)mods[i]->mod_type;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:449:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[0]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:656:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:712:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            config_attr = (char *)mods[i]->mod_type;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:735:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                config_attr_value = (char *)mods[i]->mod_bvalues[0]->bv_val;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:902:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char val[64];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:928:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(val, "%d", changeCount);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:954:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        type = atoi(new_type);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:972:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int temprid = atoi(new_id);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1070:17:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        flags = atol(new_flags);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1101:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int temprid = atoi(&(task_name[CLEANRUVLEN]));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1112:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int temprid = atoi(&(task_name[CLEANALLRUVLEN]));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1199:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fName[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fName[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1497:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    rid = atoi(rid_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1585:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:1727:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2124:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2462:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[15];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2737:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(aborted_rids, new_abort_rids, sizeof(new_abort_rids));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2830:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    rid = atoi(ldap_utf8strtok_r(attr_val[ii], ":", &iter));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2896:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cleaned_rids, new_cleaned_rids, sizeof(new_cleaned_rids));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2906:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pre_cleaned_rids, new_pre_cleaned_rids, sizeof(new_pre_cleaned_rids));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2957:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    rid = atoi(rid_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:3468:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        cleanruv_log(task, atoi(rid_text), CLEANALLRUV_ID, SLAPI_LOG_NOTICE,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:3684:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:612:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char csn1[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:613:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char csn2[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1008:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr1[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1009:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnStr2[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1174:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[B_SIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1209:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[B_SIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1320:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char csnstra[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1321:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char csnstrb[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1322:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char ruvelem[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1403:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (0 == slapi_utf8casecmp(purl, (unsigned char *)refs[j]))
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1446:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr1[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1447:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr2[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1448:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[RUVSTR_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1499:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1709:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1942:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ret_string, &bval->bv_val[index], ret_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1963:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ridbuff[RIDSTR_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1991:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        rid = atoi(ridbuff);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2004:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(purl, &bval->bv_val[urlbegin], urlend - urlbegin);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2029:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char mincsnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2030:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char maxcsnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2034:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(mincsnstr, &bval->bv_val[mincsnbegin], _CSN_VALIDCSN_STRLEN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2035:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(maxcsnstr, &bval->bv_val[mincsnbegin + _CSN_VALIDCSN_STRLEN + 1], _CSN_VALIDCSN_STRLEN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2250:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char csnStr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2302:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr1[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2303:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr2[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_schedule.c:570:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    int open;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_schedule.c:580:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                  open ? "open" : "closed");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_schedule.c:586:41:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    sch->callback_fn(sch->callback_arg, open);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_tot_protocol.c:317:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    entryid = (u_int32_t) atoi(entryid_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_total.c:214:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_total.c:415:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstring[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_updatedn_list.c:178:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[4];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_controls.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:141:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char s[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:143:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *local_replica_referral[2] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:539:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char locking_session[42] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:893:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char purlstr[1024] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:1317:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    rid = atoi(ldap_utf8strtok_r(payload, ":", &iter));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:1435:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    rid = atoi(ldap_utf8strtok_r(payload, ":", &iter));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:1526:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:1614:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    rid = atoi(ldap_utf8strtok_r(payload, ":", &iter));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:48:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *cleattrs[10] = {NULL, NULL, NULL, NULL, NULL, NULL,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s, from->bv_val, from->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:159:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define OPEN_FUNCTION open
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:189:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                int runs = atoi(argv[i + 1]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:200:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                FILE *f = fopen(argv[i + 1], "w");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:247:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(name, "r");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:248:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:261:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            sim.op_count = atoi(line);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:577:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*perm_table, elements, element_count * sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:583:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(elements_copy, elements, element_count * sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:688:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(value->non_distinguished_csns[index + 1]),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:726:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(value->non_distinguished_csns, &value->non_distinguished_csns[index + 1],
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:192:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                int runs = atoi(argv[i + 1]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:203:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                FILE *f = fopen(argv[i + 1], "w");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:252:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(name, "r");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:266:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            sim.op_count = atoi(line);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:568:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*perm_table, elements, element_count * sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:574:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(elements_copy, elements, element_count * sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:813:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(entry->dn_csns[i + 1]), &(entry->dn_csns[i]),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:238:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                int runs = atoi(argv[i + 1]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:249:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                FILE *f = fopen(argv[i + 1], "w");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:297:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(name, "r");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:298:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:311:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            sim.op_count = atoi(line);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:340:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[64];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:719:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*perm_table, elements, element_count * sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:725:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(elements_copy, elements, element_count * sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:958:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&entry->sv_attr.current_value, entry->sv_attr.pending_value,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:976:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(entry->sv_attr.pending_value, &entry->sv_attr.current_value,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:980:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&entry->sv_attr.current_value, value, sizeof(Value_State));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:988:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&entry->sv_attr.current_value, value, sizeof(Value_State));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:994:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(entry->sv_attr.pending_value, value, sizeof(Value_State));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:998:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(entry->sv_attr.pending_value, value, sizeof(Value_State));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:1234:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(entry->dn_csns[i + 1]), &(entry->dn_csns[i]),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:55:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:102:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:559:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:698:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:750:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:811:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sessionid[REPL_SESSION_ID_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:868:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE+1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:1340:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:1341:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csnstr[CSN_STRSIZE+1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:2178:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:2205:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE+1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csnstr[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:258:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:988:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1684:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        int password_expiring = atoi(ctrls[i]->ldctl_value.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1835:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1845:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%d", 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1857:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1862:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%d", s_debug_level);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_inc_protocol.c:1153:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_private.c:1192:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dp->dirsync_cookie, serverCookie->bv_val, serverCookie->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_private.c:1353:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(dp->dirsync_cookie, (vals[0]->bv_val), (vals[0])->bv_len + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_private.c:1507:34:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    if (str && (tmpval = (time_t)atol(str))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:884:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char acctvalstr[32];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:5015:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[3];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.c:207:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.c:314:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char chnobuf[22] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:298:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(chnobuf, "%lu", changenum);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c:46:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c:58:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", cnum);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c:65:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", cnum);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_trim.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *cleattrs[10] = {NULL, NULL, NULL, NULL, NULL, NULL,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_trim.c:190:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fstr[16 + CNUMSTR_LEN + 2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:341:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(store->params->data, (unsigned char *)cryptoMech.pParameter, cryptoMech.ulParameterLen);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:403:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cipher_with_padding, cipher, len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.c:839:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    string = (char *)slapi_value_get_string(va[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.c:1247:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                string = (char *)slapi_value_get_string(va[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:218:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hour[3], min[3];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:277:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            time = atoi(openTime);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:297:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            open_time = (time_t)(atoi(hour) * 3600) + (atoi(min) * 60);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:297:56:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            open_time = (time_t)(atoi(hour) * 3600) + (atoi(min) * 60);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:308:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            time = atoi(closeTime);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:328:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            close_time = (time_t)(atoi(hour) * 3600) + (atoi(min) * 60);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:328:57:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            close_time = (time_t)(atoi(hour) * 3600) + (atoi(min) * 60);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:501:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char day[4] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:520:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[PR_NETDB_BUF_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:606:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ip_str[256] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_refresh.c:641:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *syncUUIDs[SYNC_MAX_DELETED_UUID_BATCH + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_util.c:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char u[17];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_util.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(uuid, u, sizeof(u));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_util.c:239:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[16] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/bin.c:341:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmpval->bv.bv_val, slapi_value_get_string(bval), len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/phonetic.c:119:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char phoneme[MAXPHONEMELEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/phonetic.c:198:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char vsvfn[26] = {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/phonetic.c:228:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ntrans[42];           /* word with uppercase letters */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/phonetic.c:230:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[MAXPHONEMELEN + 2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:132:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        w2 = (char *)slapi_value_get_string(bvals[i]); /* JCM cast */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:195:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pat[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:196:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:319:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:378:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:661:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmpval->bv.bv_val, slapi_value_get_string(val), len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/syntax_common.c:25:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *argv[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:219:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char little_buffer[64];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:510:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(fp, "(&(objectClass=");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:535:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(fp, "(|");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:1578:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char hexchars[16] = "0123456789abcdef";
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/utils.c:132:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/utils.c:181:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:354:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char counter_buf[USN_COUNTER_BUF_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:681:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char counter_buf[USN_COUNTER_BUF_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char includeAncestorFiltersFilter_str[1024];       /* the filter with all ancestor filters */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char excludeAllButDescendentViewsFilter_str[1024]; /* for building the view of views */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:59:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char excludeChildFiltersFilter_str[1024];          /* NOT all children views, for one level searches */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:60:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char excludeGrandChildViewsFilter_str[1024];       /* view filter for one level searches */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:61:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char includeChildViewsFilter_str[1024];            /* view filter for subtree searches */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1033:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1548:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char outFilter_str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1549:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char clientFilter_str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1550:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char includeAncestorFiltersFilter_str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1551:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char excludeChildFiltersFilter_str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1552:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char excludeGrandChildViewsFilter_str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1553:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char includeChildViewsFilter_str[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:163:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:493:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:826:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:1055:79:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if ((strcasecmp(normtype, "objectclass") == 0) && (strncasecmp((const char *)vals[n]->bv_val, "ldapsubentry", vals[n]->bv_len) == 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:99:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ((fd = open(path, O_RDONLY)) < 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:131:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open(path,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsVersion[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsName[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsDescription[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:73:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsOrganization[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsLocation[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:75:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsContact[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:131:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsName[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.h:138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsURL[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attr.c:276:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attr.c:308:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attr.c:869:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char bvvalcopy[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attrsyntax.c:962:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *names[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attrsyntax.c:1098:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attrsyntax.c:1549:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *names[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *modrdn_changes[4];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:320:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        newrdn = ((char **)change)[0];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:331:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (((char **)change)[2]) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:332:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *newsuperior = ((char **)change)[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:338:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (((char **)change)[1]) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:339:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *modifier = ((char **)change)[1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.c:89:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char fbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.c:95:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char fbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.c:363:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sbuf[BUFSIZ], ibuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.c:405:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sslversion[64];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auth.c:460:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sbuf[BUFSIZ], ibuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ancestorid.c:32:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[24];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ancestorid.c:381:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[24];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ep_id[16];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:271:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ep_ids[80];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:935:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(*out + strlen(*out), "; ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:963:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(*out + strlen(*out), "%d[%d] ", j, slot_stats[j]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:109:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_string[512];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:1418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:1772:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:1882:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:2089:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:2213:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:2244:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:570:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[24];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:776:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[24];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1017:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value_buffer[22] = {0}; /* enough digits for 2^64 children */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1033:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(value_buffer, "%lu", (long unsigned int)sub_count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1088:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value_buffer[20]; /* enough digits for 2^64 children */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1110:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(value_buffer, "%lu", (u_long)current->id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1220:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            parentid = (ID)atol(idptr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1855:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buffer[256], *p = buffer;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1858:18:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            p += sprintf(p, "Processed %lu entries ", (u_long)job->ready_ID);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1860:22:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                p += sprintf(p, "(pass %d) ", job->total_pass);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1862:18:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            p += sprintf(p, "-- average rate %.1f/sec, ",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1864:18:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            p += sprintf(p, "recent rate %.1f/sec, ",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1866:18:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            p += sprintf(p, "hit ratio %.0f%%", job->cache_hit_ratio * 100.0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:2157:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char inst_dir[MAXPATHLEN * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:91:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tombstone_csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:284:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                my_version = atoi(value.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:307:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1311:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        conflict[i] = (ID *)slapi_ch_realloc((char *)conflict[i],
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1570:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ecopy, data.dptr, data.dsize);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1722:38:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                    job->upgradefd = fopen(path, "w");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1734:38:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                    job->upgradefd = fopen(path, "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1780:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:2273:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            ID parent_id = atol(attr_value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3024:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char tomb_csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3531:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3943:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char counter_buf[USN_COUNTER_BUF_LEN] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:149:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char inst_dir[MAXPATHLEN * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:219:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:258:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:24:29:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            (rval) = ((db)->open)((db), (txnid), (file), (database), (type), (flags) | DB_AUTO_COMMIT, (mode)); \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:26:29:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            (rval) = ((db)->open)((db), (txnid), (file), (database), (type), (flags), (mode));                  \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:467:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    return open(path, oflag, mode);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:614:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:703:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char id2entry_file[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:850:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1079:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char file_pattern[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1212:43:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        return_value = (pEnv->bdb_DB_ENV->open)(
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1261:43:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        return_value = (pEnv->bdb_DB_ENV->open)(
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1350:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[64]; /* big enough to hold %ld */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1421:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1574:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *data_directories[2] = {0, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1627:49:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            return_value = (mypEnv->bdb_DB_ENV->open)(mypEnv->bdb_DB_ENV,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1798:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1800:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *data_directories[2] = {0, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1831:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(conf, oconf, sizeof(bdb_config));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1885:37:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        rval = (mypEnv->bdb_DB_ENV->open)(mypEnv->bdb_DB_ENV,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:1969:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:2302:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:2533:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dbName[MAXPATHLEN] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3108:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    cfg->hold_msec = getenv(TXN_TEST_HOLD_MSEC) ? atoi(getenv(TXN_TEST_HOLD_MSEC)) : 200;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3109:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    cfg->loop_msec = getenv(TXN_TEST_LOOP_MSEC) ? atoi(getenv(TXN_TEST_LOOP_MSEC)) : 10;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[8192];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char databuf[8192];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3737:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char new_filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3937:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3938:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[DB_LINE_LENGTH * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3977:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3986:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attribute[513];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3987:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[129], delimiter;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4042:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                number = atoi(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4046:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                number = atoi(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4191:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4323:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4438:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4558:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define OPEN_FUNCTION open
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4672:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4865:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5165:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename1[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5230:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename1[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5231:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename2[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5769:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:643:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char idstr[32];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:645:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(idstr, "# entry-id: %lu\n", (u_long)expargs->ep->ep_id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:987:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char vstr[64];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:993:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(vstr, "version: %d\n\n", myversion);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:1846:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2283:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2662:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fullpath[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2664:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_misc.c:118:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN], *inst_dirp = NULL;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_misc.c:160:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char size_to_str[32]; /* big enough to hold %ld */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:28:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tmp_atype[37];                                \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:175:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", (unsigned long)mpfstat[i]->st_cache_hit);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:177:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", (unsigned long)mpfstat[i]->st_cache_miss);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:179:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", (unsigned long)mpfstat[i]->st_page_in);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:181:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", (unsigned long)mpfstat[i]->st_page_out);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:202:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:229:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)mpstat->st_cache_hit);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:238:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)(100.0 * (double)mpstat->st_cache_hit / (double)(cache_tries > 0 ? cache_tries : 1)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:241:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)mpstat->st_page_in);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:243:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)mpstat->st_page_out);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:245:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)mpstat->st_ro_evict);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:247:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)mpstat->st_rw_evict);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:266:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buf, "%d", -1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_upgrade.c:201:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_verify.c:20:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dbdir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:62:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[LDBM_VERSION_MAXBUF];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:145:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[LDBM_VERSION_MAXBUF] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:188:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXPATHLEN * 2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:73:29:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            (rval) = ((db)->open)((db), (txnid), (file), (database), (type), (flags) | DB_AUTO_COMMIT, (mode)); \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:75:29:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            (rval) = ((db)->open)((db), (txnid), (file), (database), (type), (flags), (mode));                  \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:1265:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char full_name[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:1309:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inst_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/filterindex.c:203:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/filterindex.c:289:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/filterindex.c:700:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *tpairs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/filterindex.c:1053:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/id2entry.c:34:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp_id[sizeof(ID)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/id2entry.c:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp_id[sizeof(ID)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/id2entry.c:260:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp_id[sizeof(ID)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:386:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        SAFEMEMCPY((char *)&idl->b_ids[nids], (char *)tmp[i]->b_ids,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_common.c:164:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new, idl, idl_sizeof(idl));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_new.c:143:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_new.c:237:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&id, dataret.data, sizeof(ID));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_new.c:369:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_new.c:435:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cur_key.data, lowerkey->data, lowerkey->size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl_new.c:514:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&id, dataret.data, sizeof(ID));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/import.c:45:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[LOG_BUFFER];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:35:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prefix_PRESENCE[2] = {PRES_PREFIX, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:36:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prefix_EQUALITY[2] = {EQ_PREFIX, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:37:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prefix_APPROX[2] = {APPROX_PREFIX, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:38:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prefix_SUB[2] = {SUB_PREFIX, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:321:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(bin->key.data, key->data, key->size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:368:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:515:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:806:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:807:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
encode(const struct berval *data, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:824:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(bufNext, first, s - first);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:834:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(bufNext, "..", 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:842:25:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                        sprintf(bufNext, "%02x", (unsigned)*(unsigned char *)s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:863:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:864:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
encoded(DBT *d, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:912:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:913:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char typebuf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1042:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(realbuf, prefix, plen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1043:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(realbuf + plen, val->bv_val, vlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1492:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(realbuf, prefix, plen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1493:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(realbuf + plen, val->bv_val, vlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1516:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmpbuf, prefix, plen + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1554:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(nextrealbuf, prefix, plen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1555:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(nextrealbuf + plen, nextval->bv_val, vlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1704:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char encbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1898:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(realbuf, prefix, plen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1899:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(realbuf + plen, bvp->bv_val, vlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1916:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char encbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:2011:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:2244:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p + 1, indextype, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:736:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char tombstone_csnstr[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:952:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:1456:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[40]; /* Enough for an EntryID */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:1467:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%lu", (u_long)pid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:1474:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (u_long)ep->ep_id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:144:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(a->ai_substr_lens, b->ai_substr_lens, substrlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:207:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char staticfiltstrbuf[1024];                     /* for small filter strings */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:677:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char myreturntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:1131:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                rhs_number = atoi(rhs);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:1166:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            rhs_num = atoi(rhs);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c:659:22:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        print_ptr += sprintf(print_ptr, "%02x ", bytes[x]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c:270:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *config_attr = (char *)mods[i]->mod_type;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:104:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_string[512];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:106:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:167:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%d", (int)((uintptr_t)val));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:170:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%o", (int)((uintptr_t)val));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:173:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%ld", (long)val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:186:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buf, "on");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:188:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buf, "off");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:421:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:982:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1224:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1335:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1518:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1682:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_delete.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_id[sizeof(ID)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_nrdn_len[2]; /* ushort; length including '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:59:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_rdn_len[2];  /* ushort; length including '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:60:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_nrdn_rdn[1]; /* "normalized rdn" '\0' "rdn" '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1542:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*new, raw, elem_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1699:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2031:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2662:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:3223:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:3326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c:512:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c:743:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modify.c:392:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                if  (strncasecmp((const char *)mods[i]->mod_bvalues[j]->bv_val,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:781:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char buf[40]; /* Enough for an ID */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:784:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf(buf, "%lu", (u_long)parententry->ep_id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:788:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf(buf, "%lu", (u_long)newparententry->ep_id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:943:49:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                                    sub_count = atol(bval->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:1988:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(newdn, ", ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:1994:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(newdn, ", ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:2133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filterstr[20];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:2161:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(filterstr, "objectclass=*");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:207:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char pat[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:267:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:452:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char dn[128];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:454:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char *dummyAttrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:1092:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[40];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:1098:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "parentid=%lu", (u_long)(baseEntry != NULL ? baseEntry->ep_id : 0));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:43:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[200];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:291:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fullpath[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:506:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(*value, bvvalue.bv_val, bvvalue.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:593:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(value, bvvalue.bv_val, bvvalue.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:55:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value_buffer[22] = {0}; /* enough digits for 2^64 children */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:87:37:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                current_sub_count = atol(bval->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:134:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(value_buffer, "%lu", (long unsigned int)current_sub_count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:158:41:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    current_sub_count = atol(bval->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:170:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(value_buffer, "%lu", (long unsigned int)current_sub_count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:183:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(value_buffer, "%lu", (long unsigned int)current_sub_count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h:281:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *encode(const struct berval *data, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h:281:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *encode(const struct berval *data, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/seq.c:118:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char little_buffer[SEQ_LITTLE_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stack_buffer[SORT_LOG_BSZ + SORT_LOG_PAD];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:91:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char candidate_buffer[32]; /* store u_long value; max 20 digits */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/start.c:163:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char dbcachesize[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1730:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stack_buffer[VLV_LOG_BS];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1738:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    p += sprintf(p, "VLV ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1741:14:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        p += sprintf(p, "%d:%d:%d:%d",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1749:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char stack_string[VLV_LOG_SS];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1766:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    p += sprintf(p, " %d:%d (%d)",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_key.c:59:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(((char *)p->key.data) + p->key.size, val->bv_val, val->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:362:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(text, "none");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/backend_manager.c:145:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(*cookie, &i, sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/backend_manager.c:174:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(cookie, &i, sizeof(int));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/bind.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/bind.c:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char authtypebuf[256]; /* >26 (strlen(SLAPD_AUTH_SASL)+SASL_MECHNAMEMAX+1) */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/charray.c:120:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dupa, *a, sizeof(char *) * n);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/compare.c:46:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char configfile[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:149:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpfile[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:149:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    char tmpfile[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:157:17:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    PR_snprintf(tmpfile, sizeof(tmpfile), "%s/%s.bak", configdir, CONFIG_FILENAME);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:157:33:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    PR_snprintf(tmpfile, sizeof(tmpfile), "%s/%s.bak", configdir, CONFIG_FILENAME);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:158:37:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    rc = dse_check_file(configfile, tmpfile);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:193:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char workpath[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:194:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char loglevel[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:195:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char maxdescriptors[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:196:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char val[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:197:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char _localuser[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:198:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char logenabled[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:199:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char schemacheck[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:200:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char syntaxcheck[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:201:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char syntaxlogging[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:202:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char plugintracking[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:203:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char dn_validate_strict[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:204:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char moddn_aci[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:215:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:236:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        val.bv_val = (char *)requires_restart[i];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:392:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            config_attr = (char *)mods[i]->mod_type;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:615:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        *maxdiskspace = atoi((char *)mod->mod_bvalues[0]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:620:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        *mlogsize = atoi((char *)mod->mod_bvalues[0]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:265:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf_ldapi[sizeof(from->local.path) + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:266:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf_destldapi[sizeof(from->local.path) + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:267:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf_ip[INET6_ADDRSTRLEN + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:268:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf_destip[INET6_ADDRSTRLEN + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:289:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(conn->cin_addr, from, sizeof(PRNetAddr));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:293:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(conn->cin_addr, from, sizeof(PRNetAddr));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:307:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(conn->cin_addr, from, sizeof(PRNetAddr));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:500:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:501:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char maxthreadbuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:524:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf2[SLAPI_TIMESTAMP_BUFSIZE+1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:662:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen("/tmp/slapd.conn", "a+");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/control.c:565:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(rctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_val,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:125:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char value[40];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:143:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char value[40];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/csn.c:94:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(csn1, csn2, sizeof(CSN));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/csngen.c:519:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&gen->state, bval->bv_val, bval->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/csngen.c:773:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:811:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                if ((val = (char *)slapi_entry_attr_get_ref(entries[ii], attrs[i]))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:819:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1034:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char addrbuf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1052:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char addrbuf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1285:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[200];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:2204:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char addrbuf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:2288:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(get_pid_file(), "w")) != NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:2367:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char addrbuf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:2524:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char abuf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/delete.c:228:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/detach.c:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/detach.c:161:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ((sd = open("/dev/null", O_RDWR)) == -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/detach.c:173:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ((sd = open("/dev/tty", O_RDWR)) != -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[16];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1254:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmpavs, *rdn_avsp,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1351:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stackbuf1[SLAPI_DNNORM_SMALL_RDN_AV];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1352:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stackbuf2[SLAPI_DNNORM_SMALL_RDN_AV];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1365:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf1, av1->bv_val, len1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1372:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf2, av2->bv_val, len2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1377:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(av1->bv_val, buf2, av2->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1392:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(av2->bv_val, buf1, len1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:490:37:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                current_sub_count = atol(bval->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:526:37:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                current_sub_count = atol(bval->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:561:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char value_buffer[22] = {0}; /* enough digits for 2^64 children */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:566:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(value_buffer, "%lu", (long unsigned int)current_sub_count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:726:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char errbuf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:731:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(errbuf, entrystr, cpylen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:744:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:1013:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                    open(pdse->dse_configdir, O_PATH | O_DIRECTORY)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:1015:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                    open(pdse->dse_configdir, O_RDONLY | O_DIRECTORY)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:1045:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:1580:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:1627:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:1802:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:2218:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:2456:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:2459:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:353:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:371:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:886:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1007:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(dyn_attrs, stack_attrs,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2727:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p, bvp->bv_val, bvp->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2752:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, bvp->bv_val, bvp->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2935:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[16];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2940:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(value, "%d", l);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2949:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[16] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2954:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(value, "%u", l);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2963:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[22] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2968:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(value, "%ld", l);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2977:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[22] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2982:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(value, "%lld", l);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2991:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[22] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/extendop.c:94:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *dummyAttrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/extendop.c:96:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char dn[128];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c:2529:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *easter_egg_photos[NUM_EASTER_EGG_PHOTOS + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c:2760:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char eggfilter[64];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1266:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "NULL");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1371:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buf, "(%c", f->f_choice == LDAP_FILTER_AND ? '&' : f->f_choice == LDAP_FILTER_OR ? '|' : '!');
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1403:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buf, "unsupported type 0x%lX", f->f_choice);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:276:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:285:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:336:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:344:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:387:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(type, *ava, type_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:473:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:485:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:654:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:662:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:953:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/getsocketpeer.c:86:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dummy[8];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:288:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(dest, url, src - url);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:297:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(dest, "%20", 3);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:300:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(dest, "%3A", 3);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:618:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char util_sasl_path[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1232:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dnbuf_fixedsize[512], *dnbuf, *dnbuf_dynamic = NULL;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1287:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(dnbuf, "dn:");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1558:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char startts[BUFSIZ], endts[BUFSIZ], renewts[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1784:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ktname[MAX_KEYTAB_NAME_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1785:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char cc_env_name[1024 + 32]; /* size from ccdefname.c */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:2244:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(rdns[count - 1], rdnstart, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/lenstr.c:42:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(l->ls_buf, str, len + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/lenstr.c:51:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(l->ls_buf + l->ls_len, str, len + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:4313:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(slapdFrontendConfig->localuserinfo, pw, sizeof(struct passwd));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:7716:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    val = atoi(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8074:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char initvalbuf[64];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8097:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                             (char *)values[ii]->bv_val, errorbuf, apply);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8100:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                                (char *)values[ii]->bv_val, cgas->whichlog,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8107:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                values[ii]->bv_len = strlen((char *)values[ii]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8439:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8457:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8475:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:49:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hostname[MAXHOSTNAMELEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:53:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXHOSTNAMELEN + 8];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:96:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(_PATH_RESCONF, "r"); /* This fopen() will fail on NT, as expected */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/lock.c:31:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/lock.c:35:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((*lfp = fopen(buf, "w")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/lock.c:50:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(fname, type)) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:613:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[SLAPI_LOG_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:1921:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[512];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2291:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2292:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[SLAPI_LOG_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2368:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[SLAPI_LOG_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2369:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sev_name[10];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2552:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[SLAPI_LOG_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2553:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char vbuf[SLAPI_LOG_BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2604:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&vbuf[vlen-4], "...\n", 4);   /* Replace last characters with three dots and a new line character */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2726:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2728:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2741:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char newfile[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3005:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3006:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3168:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3169:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3424:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(pathname, "r")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3494:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ], *p;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3569:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3699:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3731:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3732:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3810:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3811:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3988:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3989:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4156:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4324:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(pathname, "r")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4411:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(pathname, "r")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4498:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(pathname, "r")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4609:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4611:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4638:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char newfile[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4785:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4787:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4800:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char newfile[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4918:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[TBUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4920:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4933:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char newfile[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:5110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(insert_point, msg1, size1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:5111:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(insert_point + size1, msg2, size2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:137:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char file[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:207:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(slapdFrontendConfig->localuserinfo, pw, sizeof(struct passwd));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:288:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:402:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sbuf[128];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:424:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "i386-unknown-solaris");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:426:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "unknown-unknown-solaris");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:434:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen("/etc/release", "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:464:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[8192];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:502:43:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((start_pid_file != NULL) && (fp = fopen(start_pid_file, "w")) != NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:534:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int val = atoi(m);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1659:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mcfg->ldif2db_removedupvals = atoi(optarg_ext); /* We overload this flag---ok since we always check for dupes in the new code */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1980:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    if((cn = (char *)slapi_entry_attr_get_ref(entries[0], "cn"))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2770:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            level |= atoi(cur);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2873:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:1504:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:3680:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char dump_indent[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:230:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:607:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modrdn.c:400:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:134:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/operation.c:476:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sop_new, sop, sizeof(struct slapi_operation_parameters));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:108:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPI_TIMESTAMP_BUFSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attrlistbuf[1024], *attrliststr, **attrs = NULL;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:329:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char fmtstr[SLAPI_ACCESS_LOG_FMTBUF];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:469:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pagedresults.c:158:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, cookie.bv_val, cookie.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pblock.c:125:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen("/tmp/pblock_stats.csv", "a");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:256:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:295:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char argname[64];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:648:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(names_list, ", ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:1164:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    value = (char *)slapi_entry_attr_get_ref(config[plugin_index].e, ATTR_PLUGIN_ENABLED);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:1605:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    value = (char *)slapi_entry_attr_get_ref(config[plugin_index].e, ATTR_PLUGIN_ENABLED);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:2369:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:2738:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attrname[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:3051:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char output[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_acl.c:208:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_mr.c:41:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *any[2];                   /* at most one value for extensible filter */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_syntax.c:283:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errtext[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_syntax.c:362:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errtext[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_syntax.c:460:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errtext[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:44:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lockfile[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:61:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fd = open(lockfile, O_RDWR | O_CREAT | O_EXCL, 0644)) != -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:84:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if ((fd = open(lockfile, O_RDWR | O_CREAT | O_EXCL, 0644)) != -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:98:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ((fd = open(lockfile, O_RDONLY)) != -1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:129:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lockfile[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:197:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char file_name[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:241:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char file_name[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:291:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char file_name[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:328:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char import_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:329:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char export_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:330:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char server_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:358:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char import_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:359:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char export_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:360:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char server_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:511:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char server_dir[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:171:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        pwsp = pw_val2scheme((char *)slapi_value_get_string(vals[i]), &valpwd, 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:329:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *end, buf[PWD_MAX_NAME_LEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:350:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, val + 1, namelen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:417:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if ((pwsp = pw_val2scheme((char *)slapi_value_get_string(vals[i]), NULL, 0)) != NULL) { /* JCM Innards */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:421:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                enc = (*pwsp->pws_enc)((char *)slapi_value_get_string(vals[i]));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:429:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if ((!enc) && ((enc = (*pws_enc)((char *)slapi_value_get_string(vals[i]))) == NULL)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:448:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *end, buf[3 * PWD_MAX_NAME_LEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:460:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(buf, cipher + 1, namelen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:467:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char algid_buf[256];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:470:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(algid_buf, delim + 1, (end - delim));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:481:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, cipher + 1, namelen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:598:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        prefixOK = checkPrefix((char *)slapi_value_get_string(vals[i]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:612:53:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        if ((enc = (pwsp->pws_enc)((char *)slapi_value_get_string(vals[i]))) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:876:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char token[11] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:878:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(token, new + (i - max_seq), max_seq);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:896:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char token[11] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:898:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(token, new + (i - max_seq), max_seq);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:980:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errormsg[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1013:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errormsg[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1055:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (slapi_is_encoded((char *)slapi_value_get_string(vals[i]))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1083:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            pwd = (char *)slapi_value_get_string(vals[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1297:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                if (slapi_is_encoded((char *)slapi_value_get_string(vals[0]))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1564:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *h_val = (char *)slapi_value_get_string(history_vals[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1606:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[22] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1610:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%ld", time);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:3338:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    curpwsp = pw_val2scheme((char *)slapi_value_get_string(password_values[0]), NULL, 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_mgmt.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char graceUserTime[16] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_mgmt.c:184:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(graceUserTime, "%d", pwdGraceUserTime);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_retry.c:129:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char retry_cnt[16] = {0}; /* 1-65535 */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw_retry.c:140:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(retry_cnt, "%d", count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:209:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(urlscopy[i]->bv_val, urls[i]->bv_val, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:225:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(urlscopy[i]->bv_val, "??base");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/regex.c:234:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(mydst, substring_start, thislen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:100:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        PL_strncasecmp((char *)ldap_url[0]->bv_val, REFERRAL_REMOVE_CMD, ldap_url[0]->bv_len) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:492:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(buf, "Referral:");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:908:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:972:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2] = {NULL, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1908:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(p, "notes=");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1912:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p, notemap[i].snp_string, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1946:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(p, " details=\"");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1950:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p, notemap[i].snp_detail, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1973:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char notes_buf[256] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1976:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csn_str[CSN_STRSIZE + 5];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1977:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char etime[ETIME_BUFSIZ] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1978:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char wtime[ETIME_BUFSIZ] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1979:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char optime[ETIME_BUFSIZ] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:2022:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmp_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rewriters.c:195:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_string[1024] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:267:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "%u", clsize);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:343:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(returntext, "Modification of these root DSE attributes not allowed");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:182:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[SASL_IO_BUFFER_START_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:218:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sp->encrypted_buffer + sp->encrypted_buffer_offset, buffer, ret);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:281:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char mybuf[SASL_IO_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:305:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(sp->encrypted_buffer + sp->encrypted_buffer_offset, mybuf, ret);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:456:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(buf, sp->encrypted_buffer, sp->encrypted_buffer_count);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:504:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(sp->decrypted_buffer, output_buffer, output_length);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_io.c:524:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, sp->decrypted_buffer + sp->decrypted_buffer_offset, bytes_to_return);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:364:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        priority = atoi(priority_str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:602:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char escape_base[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:603:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char escape_filt[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/saslbind.c:372:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ret, buf, buflen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/saslbind.c:876:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char authtype[256]; /* >26 (strlen(SLAPD_AUTH_SASL)+SASL_MECHNAMEMAX+1) */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:323:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(value, attrVal->bv_val, attrVal->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:528:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errtext[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:606:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:828:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char errtext[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:897:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errtext[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:898:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ebuf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1410:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *outp, syntaxlengthbuf[128];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1445:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(syntaxlengthbuf, "{%d}", asip->asi_syntaxlength);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1752:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(psbObjectClasses->buffer, " DESC '");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1778:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(psbObjectClasses->buffer, "SUP ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1856:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csn_str[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1995:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        schema_dse_attr_name = (char *)mods[i]->mod_type;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2077:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char new_csn_string[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2079:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(new_csn_string, mods[i]->mod_bvalues[0]->bv_val,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2214:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char csn_str[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2277:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char csn_str[CSN_STRSIZE + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3153:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ebuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3536:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ebuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *myschemadirs[2] = {SYSTEMSCHEMADIR, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4310:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4469:21:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                    strcat(p, " $ ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4473:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(p, " ) ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5135:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(oc_str, " DESC '");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5143:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(oc_str, " SUP '");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5153:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(oc_str, " MUST ( ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5156:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(oc_str, " $ ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5160:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(oc_str, " ) ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5165:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(oc_str, " MAY ( ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5168:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(oc_str, " $ ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5172:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(oc_str, " ) ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5177:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(oc_str, " X-ORIGIN 'blahblahblah'");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5180:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(oc_str, " )");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5615:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *a1_mrtype[3] = {a1->asi_mr_equality, a1->asi_mr_substring, a1->asi_mr_ordering};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5616:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *a2_mrtype[3] = {a2->asi_mr_equality, a2->asi_mr_substring, a2->asi_mr_ordering};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5913:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5959:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:6336:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(at2learn->new_value, bv->bv_val, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:6367:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(oc2learn->new_value, bv->bv_val, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:6499:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(oc2learn->new_value, bv->bv_val, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:6528:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(at2learn->new_value, bv->bv_val, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/search.c:274:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char *dummyary[2];                                                 /* need a char ** for charray_merge_nodup */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/search.c:326:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char abuf[1024], *astr;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/security_wrappers.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof (PRIu64)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/security_wrappers.c:255:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    val = atoi(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slap.h:28:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char tokPBE[34] = "Communicator Generic Crypto Svcs";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slap.h:29:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char ptokPBE[34] = "Internal (Software) Token        ";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slap.h:1760:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char task_date[SLAPI_TIMESTAMP_BUFSIZE]; /* Date/time when task was created */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slap.h:1971:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsName[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slap.h:1978:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dsURL[SNMP_FIELD_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1220:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1220:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1220:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1221:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string_with_punctuation(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1221:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string_with_punctuation(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1221:61:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string_with_punctuation(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1222:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string_for_filename(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1222:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string_for_filename(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi-private.h:1222:57:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *escape_string_for_filename(const char *str, char buf[BUFSIZ]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[40] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:86:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(name, "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:129:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[MAXPATHLEN + 1] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:132:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen("/proc/self/cgroup", "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char f_proc_status[30] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:171:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(f_proc_status, "/proc/%d/status", getpid());
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:252:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char s[MAXPATHLEN + 33] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:370:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fn[40];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:373:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fn, "/proc/%d", getpid());
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:374:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(fn, O_RDONLY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:72:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char szStatsFile[_MAX_PATH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:73:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char stats_sem_name[_MAX_PATH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:710:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[40];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:175:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2048];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:583:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *t, err[MAGNUS_ERROR_LEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:801:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *values[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:935:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sline[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:939:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char root[256] = {0}; /* path which forms the root of the mount */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:940:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mountpoint[256] = {0}; /* path of the mountpoint relative to process root directory */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:941:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rest[256] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:948:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen("/proc/self/mountinfo", "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1017:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dmin[VERSION_STR_LENGTH], dmax[VERSION_STR_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1018:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char smin[VERSION_STR_LENGTH], smax[VERSION_STR_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1242:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    stimeout = atoi(val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1356:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dmin[VERSION_STR_LENGTH], dmax[VERSION_STR_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1512:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1525:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mymin[VERSION_STR_LENGTH], mymax[VERSION_STR_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1626:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char cert_name[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2057:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cert_name[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2315:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char tmp[MAXPATHLEN];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2327:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(tmp, "/tmp");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2596:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2630:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2833:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char randomPassword[RAND_PASS_LEN] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2907:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[BUFSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:221:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[LOG_BUFFER];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:280:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[LOG_BUFFER];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:335:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s1[20], s2[20], s3[20];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:346:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s1, "%d", task->task_exitcode);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:347:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s2, "%d", task->task_progress);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:348:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s3, "%d", task->task_work);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:383:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            ttl = atoi(slapi_fetch_attr(e, "ttl", DEFAULT_TTL));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:481:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *objectclass[3];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:482:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *cnvals[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:1033:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int32_t removedupvals = atoi(slapi_fetch_attr(e, "nsImportChunkSize", "0"));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2066:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        file = fopen(filename, "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2080:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char line[4096];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2095:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char env_value[sizeof(line)] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2096:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char env_var[sizeof(line)] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2229:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char deletion_csn_str[CSN_STRSIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2230:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *val[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2768:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    if ((val = (char *)slapi_entry_attr_get_ref(entries[ii], attrs[i]))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2777:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char *replace_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:41:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(s, "XXXXXX");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testbind.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *dn, *attrs[2] = {SLAPI_USERPWD_ATTR, NULL};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.c:30:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    (db)->open((db), (txnid), (file), (database), (type), (flags), (mode))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.c:52:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(key_string, "key%ld", key_long);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testgetip.c:61:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char addrbuf[512], *addrstr;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpostop.c:244:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(into, "%.4li%.2i%.2i%.2i%.2i%.2i",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpostop.c:286:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(changelogfile, "ab")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpreop.c:129:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(tmp, "BOB ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[*bufsize];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:214:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[*bufsize];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:96:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_id[sizeof(ID)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_nrdn_len[2]; /* ushort; length including '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:98:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_rdn_len[2];  /* ushort; length including '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rdn_elem_nrdn_rdn[1]; /* "normalized rdn" '\0' "rdn" '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:171:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(idl, xidl, data->size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:245:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy((char *)o, " ...");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:284:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf((char *)buf + strlen(buf), "%d ", idl->id[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:367:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&mod_count, *buff, sizeof(mod_count));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:389:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&bv_len, *buff, sizeof(bv_len));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:401:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(val, *buff, bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:459:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&val_count, pos, sizeof(val_count));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:481:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&val_count, pos, sizeof(val_count));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:537:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&thetime32, pos, sizeof(thetime32));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:797:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:842:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:884:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:958:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1162:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            uint32_t tmpmaxbufsz = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1181:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            min_display = atoi(optarg) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1193:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            id_internal_to_stored((ID)atoi(optarg), (char *)&entry_id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1196:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            truncatesiz = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1226:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ret = env->open(env, NULL, DB_CREATE | DB_INIT_MPOOL | DB_PRIVATE, 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1239:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ret = db->open(db, NULL, filename, NULL, DB_UNKNOWN, DB_RDONLY, 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:295:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pbuf[257];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[1024];        /* To build the full path */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:155:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fd = open(name, O_RDONLY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:308:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAX_FILTER]; /* To read ifile */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:313:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ifile = fopen(dlf->fname, "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldap-private.h:121:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lfd_filter[LDAP_FILT_MAXSIZ];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldap-private.h:235:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ld_error[MAX_THREAD_ID]; /* thread-specific */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldap-private.h:237:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ld_matched[MAX_THREAD_ID]; /* thread-specific */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldap-private.h:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char **ld_referrals[MAX_THREAD_ID]; /* thread-specific */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldap-private.h:255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ld_attrbuffer[MAX_THREAD_ID];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:935:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(tttctx->buf2, "%0*d", (mctx.mod2 & M2_NOZEROPAD) ? 0 : field->nb, num);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:954:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(tttctx->buf2, "%0*d", (mctx.mod2 & M2_NOZEROPAD) ? 0 : field->nb, num);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1093:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(tttctx->buf2, "%0*d", (mctx.mod2 & M2_NOZEROPAD) ? 0 : mctx.randomNbDigit, val); /*JLS 14-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1105:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(tttctx->buf2, "%0*d", (mctx.mod2 & M2_NOZEROPAD) ? 0 : mctx.randomNbDigit, tttctx->lastVal);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1147:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(attrs[nb], newattr, sizeof(LDAPMod));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1645:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attrName[256]; /* nodeDN's rdn attribute name */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1646:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attrVal[256];  /* nodeDN's rdn attribute value */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2075:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char oldDn[MAX_DN_LENGTH]; /* DN of the entry to rename */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2392:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newDn[MAX_DN_LENGTH];   /* DN of the new entry */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2448:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newDn[MAX_DN_LENGTH];   /* DN of the new entry */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2648:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newDn[MAX_DN_LENGTH];   /* DN of the new entry */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2789:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newDn[MAX_DN_LENGTH];   /* DN of the new entry */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2932:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char delDn[MAX_DN_LENGTH]; /* The entry to delete */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:3166:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *attrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:145:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dst, src, sizeof(vers_field));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:250:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tttctx->thrdId, "T%03d", tttctx->thrdNum);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:474:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char timestamp[128];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:636:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256]; /* To build the error strings */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:939:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFFERSIZE]; /* buffer used to read attreplacefile content */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:981:32:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            mctx.genldifFile = open(mctx.genldifName, O_RDONLY); /*JLS 02-04-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:997:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        mctx.genldifFile = open(mctx.genldifName, oflags, 0666); /*JLS 05-04-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1203:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open(mctx.attrplFile, O_RDONLY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1233:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(mctx.attrplFileContent + i, buffer, ret);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1243:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(mctx.attrplFileContent + i, buffer, (mctx.attrplFileSize - 1 - i));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1890:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.attrsonly = atoi(subvalue);                       /*JLS 03-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1937:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                mctx.incr = atoi(subvalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2009:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.baseDNHigh = atoi(subvalue);                           /*JLS 13-11-00*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2018:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.baseDNLow = atoi(subvalue);                            /*JLS 13-11-00*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2043:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.bindDNHigh = atoi(subvalue);                           /*JLS 05-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2052:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.bindDNLow = atoi(subvalue);                            /*JLS 05-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2063:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.sasl_authid_high = atoi(subvalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2071:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.sasl_authid_low = atoi(subvalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2095:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            s1ctx.cnxduration = atoi(subvalue); /*JLS 12-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2104:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            s1ctx.maxcnxnb = atoi(subvalue);                           /*JLS 12-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2113:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            s1ctx.wait = atoi(subvalue);                               /*JLS 12-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2137:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.srch_nentries = atoi(subvalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2140:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.sampling = atoi(subvalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2230:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char verStr[40]; /* Version string */             /*JLS 13-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2312:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.asyncMax = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2326:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.maxErrors = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2338:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.inactivMax = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2343:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                if (mctx.ignErr[i] == atoi(optarg)) /*JLS 18-12-00*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2351:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.ignErr[mctx.ignErrNb++] = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2354:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.nbThreads = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2357:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.nbSamples = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2365:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.port = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2368:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            masterPort = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2378:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.randomLow = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2381:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.randomHigh = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2388:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.timeout = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2395:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.totalReq = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2408:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            mctx.waitSec = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:482:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *var[VAR_MAX - VAR_MIN];           /*JLS 21-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:495:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrlist[MAX_ATTRIBS];               /*JLS 15-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:585:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *slaves[MAX_SLAVES];   /* Slaves list */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:610:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dn[MAX_DN_LENGTH];  /* entry's dn */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:612:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[MAX_DN_LENGTH]; /* free str */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:625:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrlist[MAX_ATTRIBS];                       /*JLS 15-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:641:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char thrdId[8]; /* This thread ident */            /*JLS 08-01-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.h:648:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf2[MAX_FILTER];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/opCheck.c:518:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char recbuf[1500];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/opCheck.c:738:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[128];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:115:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char how[MAX_FILTER];    /* To parse the variant : */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:116:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char first[MAX_FILTER];  /*   how(first)              */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char second[MAX_FILTER]; /*   how(first,second)       */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:118:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char third[MAX_FILTER];  /*   how(first,second,third) */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:267:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        field->cnt = atoi(first);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:268:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        field->low = atoi(first);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:269:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        field->high = atoi(second);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:270:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        field->nb = atoi(third);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:287:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        field->nb = atoi(first);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:317:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char variant[MAX_FILTER]; /* To process the variant */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:475:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAX_FILTER]; /* To read ifile */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:481:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ifile = fopen(obj->fname, "r");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/remote.h:41:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dn[sizeof(uint32_t)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repcheck.c:98:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char logline[512];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repcheck.c:110:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            port = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c:225:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char logline[512];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c:239:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            port = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c:270:68:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            srvlist[nsrv].addr.sin_port = htonl((hp == hf ? port : atoi(hp)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:438:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bindDN[MAX_DN_LENGTH] = {0}; /* To bind */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:487:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *attrs[2];   /* Attribute to retrieve */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:588:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *pvalues[2];     /* To build the values list */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:629:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20]; /* To read/write attribute */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:646:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        account = atoi(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:657:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%d", account + user->cost);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:825:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[32]; /* To read attributes value */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.h:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dn[MAX_DN_LENGTH]; /* User's DN */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.h:79:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *locking[SCALAB01_MAX_LOCKING];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/srv.c:61:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buff[512];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/srv.c:70:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            port = atoi(optarg);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/utils.c:101:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%0*d", ndigits,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:36:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char __depname[512] = "\n\t@touch ";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:45:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[256 - sizeof(int)];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:56:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(path.buffer + path.len, name, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:219:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(filename, O_RDONLY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:272:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(depname, filename, len + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:284:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char configfile[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:290:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char returntext[SLAPI_DSE_RETURNTEXT_SIZE] = "";
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uniqueid.c:250:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(uIdDup, uId, sizeof(Slapi_UniqueID));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/upgrade.c:68:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *add_val[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8.c:46:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char UTF8len[64] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:855:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:863:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:865:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, ultp->lower, ultp->tsz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:868:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:873:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:881:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:883:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, ultp->lower, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:885:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:889:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(lp, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1839:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1847:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1849:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, ultp->upper, ultp->tsz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1852:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1857:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1865:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1867:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, ultp->upper, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1869:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1873:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(up, p, sz);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:108:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ],
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:136:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(bufNext, first, s - first);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:145:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy(bufNext, "..", 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:154:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(bufNext, s, 3);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:197:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:198:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
escape_string(const char *str, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:198:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
escape_string(const char *str, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:203:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:204:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
escape_string_with_punctuation(const char *str, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:204:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
escape_string_with_punctuation(const char *str, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:209:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:210:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
escape_string_for_filename(const char *str, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:210:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
escape_string_for_filename(const char *str, char buf[BUFSIZ])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:266:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(ctx->attr, val, 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:283:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ctx->attr, val, slen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:299:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                            memcpy(ctxattr, ctx->attr, ctx->attr_size);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:306:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(ctx->attr + ctx->attr_position, val, 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:355:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf + ctx->buf_size, buf, filter_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:374:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf + ctx->buf_size, buf, slen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:401:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attr_static[ATTRSIZE] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:774:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy((*normmbvp)->bv_val, *mvp, vlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:781:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy((*normmbvp)->bv_val, *mvp, vlen);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:900:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char abspath[MAXPATHLEN + 1];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:966:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(return_value, bval->bv_val, bval->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:979:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[100];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1086:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(p, "...");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1124:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(filename, O_RDONLY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1612:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char c[2] = {0, 0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:71:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void format_uuid_v3(guid_t *uuid, unsigned char hash[16]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:265:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buff, "%8.8x-%4.4x-%4.4x-%2.2x%2.2x-%2.2x%2.2x%2.2x%2.2x%2.2x%2.2x",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:282:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[16] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:542:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(_state.genstate), bv->bv_val, bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:807:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
format_uuid_v3(guid_t *uuid, unsigned char hash[16])
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:813:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(uuid, hash, sizeof(guid_t));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:846:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed[SEED_LENGTH] = {0};
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:857:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(node, seed, sizeof(uuid_node_t));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.h:60:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nodeID[6];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:50:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bvd->bv_val, bvs->bv_val, len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:352:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char valueBuf[80];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:354:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(valueBuf, "%d", intVal);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:393:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:395:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        r = atoi(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:408:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:410:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        r = (unsigned int)atoi(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:423:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:425:13:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        r = atol(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:438:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:440:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        r = (unsigned long)atol(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:453:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:468:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:483:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:498:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:513:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, value->bv.bv_val, value->bv.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/valueset.c:1246:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&vs1->sorted[0], &vs2->sorted[0], vs1->num * sizeof(size_t));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/vattr.c:621:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *types[2];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/vattr.c:2073:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH];
data/389-ds-base-1.4.4.8/ldap/servers/slapd/vattr.c:2189:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char **pppAttrs[2];
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:214:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ctx->index, &index, sizeof(index));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:106:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((pid_fp = fopen(pidfile, "r")) != NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:187:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if ((pid_fp = fopen(pidfile, "r")) != NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:220:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((pid_fp = fopen(pidfile, "w")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:269:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXLINE];
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:282:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((conf_file = fopen(conf_path, "r")) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:296:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(pidfile, "/run/");
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:445:42:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                            snmp_index = atol(val);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:448:44:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                            serv_p->port = atol(val);
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:57:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *modes[8] = {"---", "--X", "-W-", "-WX", "R--", "R-X", "RW-", "RWX"};
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:304:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2048];
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:361:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of = fopen(ofname, "a");
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:365:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fd2 = open(argv[1], O_RDONLY)) == -1) {
data/389-ds-base-1.4.4.8/ldap/systools/viewcore.c:410:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fd = open(argv[2], O_RDONLY)) == -1) {
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:59:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        buf[PR_NETDB_BUF_SIZE];
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:110:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    f = fopen(_PATH_RESCONF, "r");
data/389-ds-base-1.4.4.8/lib/base/ereport.cpp:38:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errstr[MAX_ERROR_LEN];
data/389-ds-base-1.4.4.8/lib/base/file.cpp:228:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char errmsg[ERRMSG_SIZE];
data/389-ds-base-1.4.4.8/lib/base/file.cpp:246:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char static_error[128];
data/389-ds-base-1.4.4.8/lib/base/file.cpp:281:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*buff, lmsg, msglen+1);
data/389-ds-base-1.4.4.8/lib/base/fsmutex.cpp:50:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tn[256];
data/389-ds-base-1.4.4.8/lib/base/pool.cpp:474:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(new_str, orig_str, len+1);
data/389-ds-base-1.4.4.8/lib/base/pool.cpp:514:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp_buf[MAX_DEBUG_LINE];
data/389-ds-base-1.4.4.8/lib/base/pool.cpp:515:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cbuf[DEF_CTIMEBUF];
data/389-ds-base-1.4.4.8/lib/base/system.cpp:163:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(newptr, ptr, *length);
data/389-ds-base-1.4.4.8/lib/base/system.cpp:227:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nptr, ptr, len);
data/389-ds-base-1.4.4.8/lib/base/util.cpp:220:39:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define _util_strftime_copy(str, len) memcpy(pt, str, len); pt += len;
data/389-ds-base-1.4.4.8/lib/base/util.cpp:399:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char buf[10];
data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c:97:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*der, data, *len);
data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c:172:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c:485:33:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                                memcpy(buf, (*certAVA)->value.data + lenLen, buflen);
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:51:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char this_dllname[256];
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:964:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, tagName, taglen);
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:983:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(dn, ", ");
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:996:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(filter + *flen, " (");
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:1051:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ldapdn[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:1052:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char filter[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:1069:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(filter, "(&");
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:420:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:426:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(file, "r")) == NULL) {
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:473:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:479:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(file, "r")) == NULL) {
data/389-ds-base-1.4.4.8/lib/ldaputil/encode.c:81:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char pr2six[256] = {
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:184:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char snoFilter[256];
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:187:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(snoFilter, "certSerialNumber=%d",
data/389-ds-base-1.4.4.8/lib/ldaputil/init.c:63:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char path[1024];
data/389-ds-base-1.4.4.8/lib/ldaputil/init.c:93:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char dir[1024];
data/389-ds-base-1.4.4.8/lib/ldaputil/ldapauth.c:135:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *suffix_attr[2] = {"namingcontexts", NULL};
data/389-ds-base-1.4.4.8/lib/ldaputil/ldapauth.c:139:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *private_suffix_list[2] = {"cn=config", NULL};
data/389-ds-base-1.4.4.8/lib/ldaputil/vtable.c:26:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&ldapu_VTable, from, sizeof(LDAPUVTable_t));
data/389-ds-base-1.4.4.8/lib/ldaputil/vtable.c:162:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(*val, (*bval)->bv_val, len);
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:32:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *curr_args_list[MAX_LIST_SIZE]; /* current args */
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:33:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *curr_user_list[MAX_LIST_SIZE]; /* current users v2 */
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:34:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *curr_ip_dns_list[MAX_LIST_SIZE]; /* current ip/dns v2 */
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:614:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(type *) memcpy(to, (char *) from, aclnewmax * sizeof(type))
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:1182:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char acl_tmp_arg[255];
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:1338:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char tmp_str[255];
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:460:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char acl_filename[500];
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1896:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char	errorStr[256];
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1904:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(errorStr, "%d", acl_lineno);
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1927:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		aclin = fopen(filename, "r");
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1940:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(acl_filename, "internal-buffer");
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1988:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(buffer, (const void *) &acl_buffer[acl_buffer_offset], 
data/389-ds-base-1.4.4.8/lib/libaccess/aclpriv.h:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *expr_text[ACL_EXPR_STACK];
data/389-ds-base-1.4.4.8/lib/libaccess/aclspace.cpp:21:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char	*generic_rights[7] = {
data/389-ds-base-1.4.4.8/lib/libaccess/aclspace.cpp:31:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char	*http_generic[7] = {
data/389-ds-base-1.4.4.8/lib/libaccess/acltools.cpp:360:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( buffer, "TRUE" );
data/389-ds-base-1.4.4.8/lib/libaccess/acltools.cpp:365:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( buffer, "FALSE" );
data/389-ds-base-1.4.4.8/lib/libaccess/acltools.cpp:369:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf( buffer, "goto %d", value );
data/389-ds-base-1.4.4.8/lib/libaccess/acltools.cpp:705:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char   buffer[256];
data/389-ds-base-1.4.4.8/lib/libaccess/aclutil.cpp:124:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char invalid_cmp[32];
data/389-ds-base-1.4.4.8/lib/libaccess/aclutil.cpp:134:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(invalid_cmp, "unknown comparator %d", comparator);
data/389-ds-base-1.4.4.8/lib/libaccess/authdb.cpp:146:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dbtypestr[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.cpp:105:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char token[256];  /* max length dns name */
data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.cpp:110:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buffer[PR_NETDB_BUF_SIZE];
data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.cpp:364:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char rv_str[16];
data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.cpp:366:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(rv_str, "%d", rv);
data/389-ds-base-1.4.4.8/lib/libaccess/lasgroup.cpp:94:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char rv_str[16];
data/389-ds-base-1.4.4.8/lib/libaccess/lasgroup.cpp:95:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(rv_str, "%d", rv);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    token[64];
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:102:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        *netmask    += (atoi(token))<<(8*(4-i-1));
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:149:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            *ip    += (atoi(token))<<(8*(4-i-1));
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:240:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        token[64], token2[64];    /* a single ip[+netmask]     */
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:472:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ip_str[124];
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:502:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char rv_str[16];
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:503:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(rv_str, "%d", rv);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:585:14:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
             sprintf(ip_str, "%x", (unsigned int)ip);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:719:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    *netmask = atoi(netmaskstr);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	daystr[5];	/* Current local day in ddd */
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:53:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	lcl_pattern[512];
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:109:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	timestr[6];	/* Current local time in HHMM */
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:110:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	start[6], end[6];
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:133:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	inttime = atoi(timestr);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:149:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		intstart = atoi(start);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:156:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		intend = atoi(end);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:169:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	intpattern = atoi(pattern);
data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.cpp:592:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char right[64];               /* lowercase-ed rights string    */
data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.cpp:688:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		      (char *)generic_rights[g_num]);
data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.cpp:885:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char result_str[16];
data/389-ds-base-1.4.4.8/lib/libaccess/oneeval.cpp:886:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(result_str, "%d", rights_arry[i].result);
data/389-ds-base-1.4.4.8/lib/libadmin/error.c:29:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *error_headers[MAX_ERROR] =
data/389-ds-base-1.4.4.8/lib/libadmin/template.c:29:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[BIG_LINE];
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:135:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[2000];
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:150:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dbfile, ".properties");
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:152:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    hresfile = fopen(dbfile, "w");
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:176:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(dest, "\\u00");
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:178:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf(dest, "%02x", *src);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:23:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char fileBuffer[FILE_BUFFER_SIZE + 1];
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:39:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        file = fopen(filename, "w+");
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:42:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        file = fopen(filename, "r");
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:75:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(txtfile->fileBuffer, txtfile->fbCurrent, nLeft + 1);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.h:34:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fileBuffer[FILE_BUFFER_SIZE + 1];
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/config.c:95:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(argv[1], "r");
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/config.c:98:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen(argv[1], "w");
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/config.c:178:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *buff, line[LDAPMOD_MAXLINE];
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modify.c:224:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fp = fopen(db->ldif_file, "a");
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modify.c:361:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(db->ldif_file, "w");
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:113:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(newdn, ", ");
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:44:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];       /*Buffer for getting the attrs*/
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:67:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%ld", db->ldif_hits);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:73:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%ld", db->ldif_tries);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:79:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%ld", db->ldif_n);
data/389-ds-base-1.4.4.8/src/libsds/external/csiphash/csiphash.c:79:53:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
sds_siphash13(const void *src, size_t src_sz, const char key[16])
data/389-ds-base-1.4.4.8/src/libsds/external/csiphash/csiphash.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(_key, key, 16);
data/389-ds-base-1.4.4.8/src/libsds/external/csiphash/csiphash.c:98:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    uint64_t *in_ptr = memcpy(in, src, src_sz);
data/389-ds-base-1.4.4.8/src/libsds/external/csiphash/csiphash.c:122:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&t, in, sizeof(uint64_t));
data/389-ds-base-1.4.4.8/src/libsds/external/liblfds711/inc/liblfds711/lfds711_porting_abstraction_layer_compiler.h:172:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        (result) = (char unsigned)_InterlockedCompareExchange128((__int64 volatile *)(pointer_to_destination), (__int64)(pointer_to_new_destination[1]), (__int64)(pointer_to_new_destination[0]), (__int64 *)(pointer_to_compare)); \
data/389-ds-base-1.4.4.8/src/libsds/include/sds.h:246:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
uint64_t sds_siphash13(const void *src, size_t src_sz, const char key[16]);
data/389-ds-base-1.4.4.8/src/libsds/include/sds.h:1405:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hkey[16]; /**< the key */
data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/map.c:339:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(path, "/tmp/graph_%03d.dot", binst->print_iter);
data/389-ds-base-1.4.4.8/src/libsds/sds/bpt/map.c:348:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(path, "w+");
data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/bpt_cow.c:574:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(path, "/tmp/graph_%03" PRIu64 ".dot", print_iter);
data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/bpt_cow.c:577:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(path, "w+");
data/389-ds-base-1.4.4.8/src/libsds/sds/bpt_cow/node.c:65:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(clone_node->values), &(node->values), sizeof(void *) * SDS_BPTREE_BRANCH);
data/389-ds-base-1.4.4.8/src/libsds/test/test_sds_csiphash.c:30:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[16] = {0};
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:89:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&bin_sid.sid[p], &val, sizeof(val));
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:179:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(res, &sid, sizeof(sid));
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:192:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char logbuf[1024] = {0};
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:249:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char logbuf[100] = {0};
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:250:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char filterbuf[1024] = {0};
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:348:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char logbuf[1024] = {0};
data/389-ds-base-1.4.4.8/src/svrcore/src/file.c:176:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[128];
data/389-ds-base-1.4.4.8/src/svrcore/src/file.c:178:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    pinfile = fopen(obj->filename, "rt");
data/389-ds-base-1.4.4.8/src/svrcore/src/ntgetpin.c:36:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char password[512];
data/389-ds-base-1.4.4.8/src/svrcore/src/systemd-ask-pass.c:263:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmp_fd = fopen(tmp_path, "w");
data/389-ds-base-1.4.4.8/src/svrcore/src/user.c:117:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[128];
data/389-ds-base-1.4.4.8/test/libslapd/schema/filter_validate.c:23:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *names[2] = {0};
data/389-ds-base-1.4.4.8/test/libslapd/schema/filter_validate.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fdup[256] = {0};
data/389-ds-base-1.4.4.8/include/libaccess/attrec.h:128:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define NTSLENGTH(nts) ((nts) ? strlen((char *)(nts)) + 1 : 1)
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:23:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((new = (char *)malloc(strlen(s) + 1)) == NULL)
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:61:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name[strlen(name) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:71:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name[strlen(name) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/libraries/libavl/testavl.c:80:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name[strlen(name) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acctpolicy/acct_plugin.c:165:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1125:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(attr_type);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1811:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            b.bv_len = strlen(*value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:1836:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                b.bv_len = strlen(*value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3425:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(initial);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3447:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p += strlen(any[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3456:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(final);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acl.c:3457:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tlen = strlen(p);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:38:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(news);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:41:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += strlen(news2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:196:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(orig, subjectber->bv_val, subjectber->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:226:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    subjectndnlen = orig ? strlen(orig) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:550:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(subjectndn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:610:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (attrs && *attrs && (strlen(*attrs) > 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:858:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[i]) + 4 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:858:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[i]) + 4 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:861:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[i]) + 4 + 20;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:870:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(dntype) + 30 + strlen(object) + strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:870:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(dntype) + 30 + strlen(object) + strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:870:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(dntype) + 30 + strlen(object) + strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:872:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[0] ? attrs[0] : "") + 30 + strlen(object) + strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:872:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[0] ? attrs[0] : "") + 30 + strlen(object) + strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:872:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[0] ? attrs[0] : "") + 30 + strlen(object) + strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:877:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(dntype) + 30 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:877:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(dntype) + 30 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:879:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[0] ? attrs[0] : "") + 30 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:879:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            siz += strlen(attrs[0] ? attrs[0] : "") + 30 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:883:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (NULL != dn && strlen(dn) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:893:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(templateentry);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:915:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                siz += strlen(attrs[i]) + 4 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:915:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                siz += strlen(attrs[i]) + 4 + strlen(object);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:920:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(templateentry);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acleffectiverights.c:933:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(templateentry);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclinit.c:223:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bval->bv_len = strlen(be_name) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:377:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (*dnsList)->bv_len = strlen((*dnsList)->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:461:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAP_URL_prefix_len = strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:462:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAPS_URL_prefix_len = strlen(LDAPS_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:544:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(user);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:626:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if ((lenu = strlen(user)) > 190) { /* 200 - 9 for "(userdn=%s)" */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:746:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAP_URL_prefix_len = strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:810:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(groupName);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:968:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAP_URL_prefix_len = strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1024:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(role);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1188:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(attrName);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1453:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(attrName);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1673:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(attr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1746:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(attr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1893:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1897:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1901:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:1919:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:2597:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(attrName);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:3489:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAP_URL_prefix_len = strlen(LDAP_URL_prefix_core);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:3490:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAPS_URL_prefix_len = strlen(LDAPS_URL_prefix_core);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:4213:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            matched_val_len = strlen(matched_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:4288:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(macro_str, &str[0], l + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:4310:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(macro_attr_name, &str[0], l);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/acllas.c:4399:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t LDAP_URL_prefix_len = strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:228:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int targetattrlen = strlen(aci_targetattr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:229:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int targetdnlen = strlen(aci_targetdn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:230:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int tfilterlen = strlen(aci_targetfilter);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:231:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int targetattrfilterslen = strlen(aci_targetattrfilters);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:232:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int target_to_len = strlen(aci_target_to);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:233:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int target_from_len = strlen(aci_target_from);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:270:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(s, single_space, 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:368:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(s, single_space, 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:389:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:400:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncasecmp(value, LDAP_URL_prefix, strlen(LDAP_URL_prefix))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:401:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                LDAP_URL_prefix_len = strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:403:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        strlen(LDAPS_URL_prefix))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:404:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                LDAP_URL_prefix_len = strlen(LDAPS_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:436:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(s, single_space, 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:457:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:468:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncasecmp(value, LDAP_URL_prefix, strlen(LDAP_URL_prefix))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:469:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                LDAP_URL_prefix_len = strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:471:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        strlen(LDAPS_URL_prefix))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:472:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                LDAP_URL_prefix_len = strlen(LDAPS_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:740:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p += strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:744:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p += strlen(LDAPS_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:748:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (isstrict && ((NULL == p) || 0 == strlen(p))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:753:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (p && strlen(p) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:777:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        aclutil_str_append_ext(dest, destlen, dn, strlen(dn));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:863:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    retstr_len = strlen(str) * 3;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:865:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    aclutil_str_append_ext(&ret_str, &retstr_len, s_aclstr, strlen(s_aclstr));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:896:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(tmp_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:943:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(d_rule);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:945:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memcpy(acestr + len, tmp_str, strlen(tmp_str));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1016:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                prefix += strlen(LDAP_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1020:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    prefix += strlen(LDAPS_URL_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1130:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                   prevend, strlen(prevend));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1205:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(word);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1210:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_USERDNATTR);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1213:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_USERDN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1217:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_GROUPDNATTR);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1220:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_GROUPDN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1224:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_USERATTR);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1227:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_ROLEDN);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1231:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_AUTHMETHOD);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1234:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(ACL_ATTR_IP);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1237:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_TIMEOFDAY);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1240:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_DAYOFWEEK);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1243:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(ACL_ATTR_DNS);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1246:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ruleLen = strlen(DS_LAS_SSF);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1346:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        end = original_str + strlen(original_str) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1357:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tmpp = original_str + strlen(original_str) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1564:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1633:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        lenstr = strlen(str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1938:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1984:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(tmpstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:1991:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(tmpstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclparse.c:2056:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(s); /* Knock off the " and trailing ) */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:46:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        new_len = strlen(str2) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:50:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        new_len = strlen(*str1) + strlen(str2) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:50:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        new_len = strlen(*str1) + strlen(str2) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:75:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slen = strlen(src);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:78:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t dest_strlen = strlen(*dest);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:115:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(msgbuf) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:146:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    aclutil__typestr(aci_item->aci_type, &str[strlen(str)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:215:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            newsize = strlen(dn) + strlen(str) + 200;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:215:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            newsize = strlen(dn) + strlen(str) + 200;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:217:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            newsize = strlen(str) + 208; /* for "NULL" */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:230:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf(lineptr + strlen(lineptr), " %s\n", escape_string_with_punctuation(str, ebuf));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:493:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    aclutil__typestr(aclpb->aclpb_res_type, &str[strlen(str)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:610:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:632:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(attrName);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:709:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(macro_ptr) == strlen(ACL_TARGET_MACRO_DN_KEY)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:709:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(macro_ptr) == strlen(ACL_TARGET_MACRO_DN_KEY)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:712:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (macro_ptr[strlen(ACL_TARGET_MACRO_DN_KEY)] == ',') {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:713:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            macro_suffix = &macro_ptr[strlen(ACL_TARGET_MACRO_DN_KEY) + 1];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:715:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            macro_suffix = &macro_ptr[strlen(ACL_TARGET_MACRO_DN_KEY)];
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:724:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ndn_len = strlen(ndn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:726:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        macro_suffix_len = strlen(macro_suffix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:773:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    macro_prefix_len = strlen(macro_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:788:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(matched_val, ndn, ndn_len - macro_suffix_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:855:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy(matched_val, &ndn[ndn_prefix_len], matched_val_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:944:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy(matched_val, &ndn[ndn_prefix_end],
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:971:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        final = acl_strstr((char *)&ndn[initial + strlen(tmp_str)], &tmp_str[any + 1]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:973:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ret_code = initial + strlen(tmp_str) + final + strlen(&tmp_str[any + 1]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:973:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ret_code = initial + strlen(tmp_str) + final + strlen(&tmp_str[any + 1]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1042:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    macro_prefix_len = strlen(macro_prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1043:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ndn_len = strlen(ndn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1112:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(tmp_str, &macro_prefix[k], t - k);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1201:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    s_len = strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1241:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        l = strlen(tmp_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1266:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        replace_with_len = strlen(replace_with_str);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1267:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        substr_len = strlen(substr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1284:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            prefix_len = strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1285:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            suffix_len = strlen(suffix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1316:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int dn_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/acl/aclutil.c:1354:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int dn_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c:224:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        dn_bind_len = strlen(dn_bind);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c:226:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        dn_bind_len = strlen(dn_bind_escaped);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c:233:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        dn_domain_len = strlen(dn_domain);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c:235:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        dn_domain_len = strlen(dn_domain_escaped);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c:422:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    config->default_domain = slapi_escape_filter_value(domain, strlen(domain));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/addn/addn.c:423:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    config->default_domain_len = strlen(config->default_domain);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:38:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (x = 0; strlen(entries[x]) > 0; x++) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:301:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:306:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:309:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:318:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:327:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_config.c:338:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:756:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((ludp->lud_host == NULL) || (strlen(ludp->lud_host) == 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1679:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1688:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1699:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:1720:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:2016:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:2019:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:2022:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_instance.c:2090:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:109:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:114:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:119:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:124:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:129:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:134:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:139:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:144:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:149:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:154:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:159:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:164:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_monitor.c:169:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_search.c:118:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_search.c:125:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_search.c:643:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_search.c:648:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/chainingdb/cb_utils.c:96:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val[i]->bv_len = strlen(referrals[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/config.c:108:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(buf);                               \
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:540:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            auto size_t oidlen = strlen(mrOID);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:923:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    auto const size_t len = strlen(or->or_indexer->ix_oid);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:980:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            auto size_t oidlen = strlen(mrOID);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/collation/orfilter.c:989:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    oidlen = strlen(ix->ix_oid);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1873:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        grade = (char *)slapi_ch_malloc(strlen(dn->val) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1880:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int lastindex = strlen(dn->val) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:1928:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strlen(pCosSpecifier->val) < (sizeof(tmpGrade) - 9)) { /* 9 for "-default" */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:3316:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    s1len = strlen(s1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/cos/cos_cache.c:3317:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    s2len = strlen(s2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:2135:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    shared_dn.bv_len = strlen(shared_dn.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:3365:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        typeslen += strlen(config_entry->types[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:3372:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filterlen = strlen(config_entry->filter) + typeslen +
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:3374:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (config_entry->prefix ? (i * strlen(config_entry->prefix)) : 0) +
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:3402:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant string.
        strncat(*filter, "))", filterlen - bytes_out);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:3404:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is low because the source is a
  constant character.
        strncat(*filter, ")", filterlen - bytes_out);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:3733:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                len = strlen(config_entry->generate);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4252:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(value) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4254:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    len += strlen(config_entry->prefix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4454:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        range_low.bv_len = strlen(range_low.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/dna/dna.c:4456:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        range_high.bv_len = strlen(range_high.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:503:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *bytesRead = strlen(location);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:535:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int buflen = (HTTP_GET_STD_LEN + strlen(path));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:544:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(reqBUF, " ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:546:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(reqBUF, " ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:564:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int bufLen = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:597:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        body_len = strlen(body);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:602:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        path_len = strlen(path);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:610:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buflen = (HTTP_POST_STD_LEN + path_len + body_len + strlen(body_len_str));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:615:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buflen += strlen(httpheaderArray[i]->name) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:617:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                buflen += strlen(httpheaderArray[i]->value) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:628:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(reqBUF, " ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:630:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(reqBUF, " ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:634:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(reqBUF, " ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:654:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(reqBUF, "\0");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:823:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *path = (char *)PR_Calloc(1, strlen(dir) + strlen(url) + 2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:823:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *path = (char *)PR_Calloc(1, strlen(dir) + strlen(url) + 2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:929:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strncmp(url, http_protopol_header, strlen(http_protopol_header)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:930:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newstr = (char *)PR_Calloc(1, (strlen(url) - strlen(http_protopol_header) + 1));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:930:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newstr = (char *)PR_Calloc(1, (strlen(url) - strlen(http_protopol_header) + 1));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:932:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(newstr, "\0");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:934:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (strncmp(url, https_protopol_header, strlen(https_protopol_header)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:935:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newstr = (char *)PR_Calloc(1, (strlen(url) - strlen(https_protopol_header) + 1));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:935:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newstr = (char *)PR_Calloc(1, (strlen(url) - strlen(https_protopol_header) + 1));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/http/http_impl.c:937:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(newstr, "\0");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:750:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        types_name_len += strlen(types[num_types]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:756:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        dn_len = strlen(escaped_filter_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1817:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(dn_str, bv->bv_val, (size_t)bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:1926:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(dn_str, bv->bv_val, (size_t)bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof.c:2013:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(dn_str, bv->bv_val, (size_t)bv->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/memberof/memberof_config.c:539:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            groupattr_name_len += strlen(theConfig.groupattrs[num_groupattrs]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:825:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end = p + strlen(p) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:1725:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end = p + strlen(p) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/mep/mep.c:1923:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptconfig.c:247:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(*map_method);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pam_passthru/pam_ptimpl.c:37:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (s && (strlen(s) < sizeof(buf->fixbuf))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptconfig.c:271:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            suffix->ptsuffix_len = strlen(suffix->ptsuffix_normsuffix);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptconn.c:90:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dnlen = strlen(normdn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/passthru/ptutil.c:44:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bvs[i]->bv_len = strlen(ss[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-group-func.c:295:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t vallen = value ? strlen(value) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-group-task.c:254:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t vallen = muid ? strlen(muid) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/posix-winsync/posix-winsync.c:323:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                mod_bval->bv_len = strlen(acctvalstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/presence/presence.c:292:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (plugindn == NULL || strlen(plugindn) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/presence/presence.c:808:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    newstr = (char *)slapi_ch_malloc(strlen(str) + strlen(value));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/presence/presence.c:808:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    newstr = (char *)slapi_ch_malloc(strlen(str) + strlen(value));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/clear_pwd.c:29:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len_user = strlen(userpwd);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/clear_pwd.c:30:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len_dbp = strlen(dbpwd);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/crypt_pwd.c:59:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = slapi_ct_memcmp(dbpwd, cp, strlen(dbpwd), strlen(cp));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/crypt_pwd.c:59:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = slapi_ct_memcmp(dbpwd, cp, strlen(dbpwd), strlen(cp));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:50:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    PK11_DigestOp(ctx, (const unsigned char *)userpwd, strlen(userpwd));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:60:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = slapi_ct_memcmp(bver, dbpwd, strlen(dbpwd), strlen(bver));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:60:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = slapi_ct_memcmp(bver, dbpwd, strlen(dbpwd), strlen(bver));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/md5_pwd.c:88:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    PK11_DigestOp(ctx, (const unsigned char *)pwd, strlen(pwd));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:58:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((saltstr = slapi_ch_malloc(strlen(salt) * 2 + strlen(passwd) + 3)) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:58:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((saltstr = slapi_ch_malloc(strlen(salt) * 2 + strlen(passwd) + 3)) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:65:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    mta_MD5Update(&context, (unsigned char *)saltstr, strlen(saltstr));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:80:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(mta_hash, mangled, 32);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ns-mta-md5_pwd.c:81:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(mta_salt, &mangled[32], 32);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:160:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    passItem.len = strlen(pwd);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:206:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int32_t dbpwd_len = strlen(dbpwd);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pbkdf2_pwd.c:214:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    passItem.len = strlen(userpwd);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/pwd_util.c:30:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(encval);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/sha_pwd.c:85:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dbpwd_len = strlen(dbpwd);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c:79:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    PK11_DigestOp(ctx, (const unsigned char *)userpwd, strlen(userpwd));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/smd5_pwd.c:122:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    PK11_DigestOp(ctx, (const unsigned char *)pwd, strlen(pwd));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ssha_pwd.c:65:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            PK11_DigestOp(ctx, (unsigned char *)pwd, strlen(pwd));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/pwdstorage/ssha_pwd.c:76:84:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = PK11_HashBuf(secOID, (unsigned char *)hash_out, (unsigned char *)pwd, strlen(pwd));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1597:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len_to_write += strlen(newrdn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1608:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (reqdn_len = strlen(requestordn))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/referint/referint.c:1624:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (PR_Write(prfd, buffer, strlen(buffer)) < 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1431:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size += strlen(op->target_address.uniqueid) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1436:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(op->p.p_add.parentuniqueid) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1440:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(rawDN) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1462:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(op->p.p_modrdn.modrdn_newrdn) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1468:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(op->p.p_modrdn.modrdn_newsuperior_address.uniqueid) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1710:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (*buff) += strlen(str) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1722:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(*buff);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1734:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (*buff) += strlen(*buff) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:1997:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = 1 + strlen(mod->mod_type) + 1 + sizeof(mod->mod_op);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3261:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_CHANGETYPESTR), strlen(strType));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3261:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_CHANGETYPESTR), strlen(strType));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3262:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_REPLGEN), strlen(replGen));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3262:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_REPLGEN), strlen(replGen));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3263:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_CSNSTR), strlen(strCSN));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3263:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_CSNSTR), strlen(strCSN));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3264:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_UNIQUEIDSTR), strlen(op->target_address.uniqueid));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3264:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += LDIF_SIZE_NEEDED(strlen(T_UNIQUEIDSTR), strlen(op->target_address.uniqueid));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3274:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += LDIF_SIZE_NEEDED(strlen(T_PARENTIDSTR), strlen(op->p.p_add.parentuniqueid));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3274:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += LDIF_SIZE_NEEDED(strlen(T_PARENTIDSTR), strlen(op->p.p_add.parentuniqueid));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3276:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_DNSTR), strlen(rawDN));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3276:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_DNSTR), strlen(rawDN));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3278:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_CHANGESTR), l->ls_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3288:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_DNSTR), REPL_GET_DN_LEN(&op->target_address));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3290:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_CHANGESTR), l->ls_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3299:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_DNSTR), REPL_GET_DN_LEN(&op->target_address));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3300:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_NEWRDNSTR), strlen(op->p.p_modrdn.modrdn_newrdn));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3300:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_NEWRDNSTR), strlen(op->p.p_modrdn.modrdn_newrdn));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3302:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_DRDNFLAGSTR),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3303:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                strlen(strDeleteOldRDN));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3305:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += LDIF_SIZE_NEEDED(strlen(T_NEWSUPERIORDNSTR),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3308:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += LDIF_SIZE_NEEDED(strlen(T_NEWSUPERIORIDSTR),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3309:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                    strlen(op->p.p_modrdn.modrdn_newsuperior_address.uniqueid));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3311:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_CHANGESTR), l->ls_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3320:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += LDIF_SIZE_NEEDED(strlen(T_DNSTR), REPL_GET_DN_LEN(&op->target_address));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3339:89:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_ldif_put_type_and_value_with_options(&buff, T_CHANGETYPESTR, (char *)strType, strlen(strType), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3340:83:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_ldif_put_type_and_value_with_options(&buff, T_REPLGEN, (char *)replGen, strlen(replGen), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3341:81:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_ldif_put_type_and_value_with_options(&buff, T_CSNSTR, (char *)strCSN, strlen(strCSN), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3343:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                               strlen(op->target_address.uniqueid), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3349:84:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                       op->p.p_add.parentuniqueid, strlen(op->p.p_add.parentuniqueid), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3350:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, rawDN, strlen(rawDN), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3365:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                   strlen(op->p.p_modrdn.modrdn_newrdn), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3367:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                   strlen(strDeleteOldRDN), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3375:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                       strlen(op->p.p_modrdn.modrdn_newsuperior_address.uniqueid), 0);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3431:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen(T_CHANGETYPESTR) > type.bv_len ? strlen(T_CHANGETYPESTR) : type.bv_len) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3431:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen(T_CHANGETYPESTR) > type.bv_len ? strlen(T_CHANGETYPESTR) : type.bv_len) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3458:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(T_CHANGESTR) > type.bv_len ? strlen(T_CHANGESTR) : type.bv_len) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:3458:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(T_CHANGESTR) > type.bv_len ? strlen(T_CHANGESTR) : type.bv_len) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_api.c:4267:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_write_buffer(prFile, "\n", strlen("\n"));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:514:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ch = &(baseDir[strlen(dir) - 2]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:544:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/cl5_test.c:717:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:474:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(hostname, ra->hostname ? ra->hostname : "(unknown)", sizeof(hostname));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:1476:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t filterstringlen = strlen(filterstring);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:1491:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t excludestringlen = strlen(excludestring);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:1521:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(tmpstr, beginstr, stringlen);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:2854:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buflen += strlen(tmp_buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3325:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_agmt.c:3455:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        val.bv_len = strlen(maxcsns[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_connection.c:1489:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        vallen = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:504:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:1270:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int len = strlen(ref);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2113:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val[0].bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2196:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (forcing == NULL || strlen(forcing) > 3) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2790:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica.c:2988:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            v.bv_len = strlen(SLAPI_ATTR_VALUE_TOMBSTONE);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2636:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(data);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2691:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(data);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2750:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(data);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_replica_config.c:2834:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        val[0].bv_len = strlen(aval);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:177:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t localhostlen = localhost ? strlen(localhost) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:189:73:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strncmp(bval->bv_val, prefix_replicageneration, strlen(prefix_replicageneration)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:203:122:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            if ((*contain_purl == 0) && ruve->replica_purl && purl && (strncmp(ruve->replica_purl, purl, strlen(purl)) == 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:257:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strncmp(vals[i]->bv_val, prefix_replicageneration, strlen(prefix_replicageneration)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1029:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv->bv_len = strlen(bv->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1057:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        returned_bervals[0]->bv_len = strlen(returned_bervals[0]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1182:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1188:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1221:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1463:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_write_buffer(prFile, buff, strlen(buff));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1479:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(csnstr1) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1480:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            PR_snprintf(buff + strlen(buff) - 1, len - strlen(buff), " %08lx\n",
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1480:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            PR_snprintf(buff + strlen(buff) - 1, len - strlen(buff), " %08lx\n",
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1484:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            slapi_write_buffer(prFile, buff, strlen(buff));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1932:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (bval->bv_len > strlen(prefix_replicageneration)) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1934:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(prefix_replicageneration)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1935:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        unsigned int index = strlen(prefix_replicageneration);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1967:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bval->bv_len <= strlen(prefix_ruvcsn) ||
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1968:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncasecmp(bval->bv_val, prefix_ruvcsn, strlen(prefix_ruvcsn)) != 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:1975:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        unsigned int urlbegin = strlen(prefix_ruvcsn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2341:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val0.bv_len = strlen(val0.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2344:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val1.bv_len = strlen(val1.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2347:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val2.bv_len = strlen(val2.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_ruv.c:2350:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val3.bv_len = strlen(val3.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_total.c:706:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_total.c:711:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_updatedn_list.c:304:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int newlen = slapi_sdn_get_ndn_len(dn) + strlen(data->delimiter) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl5_updatedn_list.c:306:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newlen += strlen(data->string);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_controls.c:214:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(*uuid, uuid_val.bv_val, uuid_val.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_controls.c:220:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(csnstr, csn_val.bv_val, csn_val.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_controls.c:228:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(*superior_uuid, superior_uuid_val.bv_val,
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/repl_extop.c:778:13:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
            usleep(200000);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:98:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (*mod)->mod_bvalues[0]->bv_len = strlen(val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:189:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        return_value = read(source_fd, buffer, 64 * 1024);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:297:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(ldm[i]->mod_type);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:532:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        control->ldctl_value.bv_len = strlen(be_name);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:572:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p = s1 + strlen(s1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:643:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int len = strlen(referrals_to_set[ii]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/replutil.c:651:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += (strlen(cdn) * 3) + 2; /* 3 for %HH possible per char */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/test_repl_session_plugin.c:83:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*data)->bv_len = strlen((*data)->bv_val) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/test_repl_session_plugin.c:117:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*data)->bv_len = strlen((*data)->bv_val) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:271:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(line) == 0) /* skip empty lines */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:285:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (line[strlen(line) - 1] == '\n')
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim.c:286:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        line[strlen(line) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:276:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(line) == 0) /* skip empty lines */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:290:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (line[strlen(line) - 1] == '\n')
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim2.c:291:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        line[strlen(line) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:321:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(line) == 0) /* skip empty lines */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:344:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (line[strlen(line) - 1] == '\n')
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:345:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        line[strlen(line) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:348:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strncmp(line, ADD_KEYWORD, strlen(ADD_KEYWORD)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:350:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pos = strchr(&line[strlen(ADD_KEYWORD)], ' ');
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:357:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(buff, &line[strlen(ADD_KEYWORD)], pos - &line[strlen(ADD_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:357:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(buff, &line[strlen(ADD_KEYWORD)], pos - &line[strlen(ADD_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:357:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(buff, &line[strlen(ADD_KEYWORD)], pos - &line[strlen(ADD_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:362:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (strncmp(line, DELETE_KEYWORD, strlen(DELETE_KEYWORD)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:363:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pos = strchr(&line[strlen(DELETE_KEYWORD)], ' ');
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:367:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sim.ops[i - 1].sv_attr = strcmp(&line[strlen(DELETE_KEYWORD)],
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:373:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(buff, &line[strlen(DELETE_KEYWORD)],
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:373:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncpy(buff, &line[strlen(DELETE_KEYWORD)],
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:374:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    pos - &line[strlen(DELETE_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:385:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pos = strchr(&line[strlen(RENAME_KEYWORD)], ' ');
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:392:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(buff, &line[strlen(RENAME_KEYWORD)], pos - &line[strlen(RENAME_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:392:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(buff, &line[strlen(RENAME_KEYWORD)], pos - &line[strlen(RENAME_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:392:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(buff, &line[strlen(RENAME_KEYWORD)], pos - &line[strlen(RENAME_KEYWORD)]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:402:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(buff, pos + 1, pos2 - pos - 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:404:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pos2 += strlen(DELET_OLD_RDN_KEYWORD);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/tests/dnp_sim3.c:412:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(buff, pos2, pos - pos2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:1366:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:1890:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (NULL == basedn || strncmp (basedn, SLAPI_ATTR_UNIQUEID, strlen(SLAPI_ATTR_UNIQUEID)) == 0)
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:2185:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         strlen(SLAPI_ATTR_UNIQUEID)) != 0 ) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:2186:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_mods_add(&smods, LDAP_MOD_ADD, ATTR_NSDS5_REPLCONFLICT, strlen(buf), buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:2193:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_mods_add(&smods, LDAP_MOD_REPLACE, ATTR_NSDS5_REPLCONFLICT, strlen(buf), buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp.c:2234:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_mods_add(&smods, LDAP_MOD_DELETE, "objectclass", strlen("ldapsubentry"),"ldapsubentry");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_glue.c:50:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        v.bv_len = strlen(v.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_glue.c:141:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rdntype_len = strlen(rdntype);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_glue.c:142:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rdnval_len = strlen(rdnval);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_glue.c:144:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rdnstr_len = strlen(rdnstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:282:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_ADD, "objectclass", strlen("ldapsubentry"), "ldapsubentry");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:283:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_DELETE, "objectclass", strlen("glue"), "glue");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:284:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_REPLACE, "conflictcsn", strlen(csnstr), csnstr);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:287:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_ADD, ATTR_NSDS5_REPLCONFLICT, strlen(buf), buf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/urp_tombstone.c:434:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_DELETE, SLAPI_ATTR_OBJECTCLASS, strlen("glue"), "glue");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:520:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int sizea = strlen(a) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:549:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            int sizenewa = strlen(newa);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:600:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        PR_snprintf(newa + strlen(newa), strlen(a) + 2 - strlen(newa),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:600:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        PR_snprintf(newa + strlen(newa), strlen(a) + 2 - strlen(newa),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:600:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        PR_snprintf(newa + strlen(newa), strlen(a) + 2 - strlen(newa),
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_connection.c:1555:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        vallen = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:808:83:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                u_strFromUTF8(NULL, 0, &unicode_password_length, quoted_password, strlen(quoted_password), &error);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:820:109:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    u_strFromUTF8(unicode_password, buffer_size, &unicode_password_length, quoted_password, strlen(quoted_password), &error);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:1917:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((strlen(password_value) >= PASSWD_CLEAR_PREFIX_LEN + 1) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:2055:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strlen(initials_value) > AD_INITIALS_LENGTH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:2935:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            if ((strlen(password_value) >= PASSWD_CLEAR_PREFIX_LEN + 1) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:3315:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(*str) == NTUNIQUEID_LENGTH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:3381:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(guid, colon_offset + 1, (comma_offset - colon_offset) - 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:4620:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            if (strlen(initials_value) > AD_INITIALS_LENGTH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:4763:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                if (strlen(initials_value) > AD_INITIALS_LENGTH) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/replication/windows_protocol_util.c:5140:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t new_member_len = strlen(new_member);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.c:494:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t length = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl.c:506:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(retrocl_attributes[i], value, pos - value);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_cn.c:38:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    c = strntoul((char *)p, strlen(p), 10);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:62:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:67:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:71:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:75:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:79:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:83:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:87:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:92:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:129:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:133:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:137:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:141:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:145:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:238:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:243:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:247:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:251:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:255:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:308:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:314:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_create.c:320:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:104:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(ldm[i]->mod_type);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:233:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(uniqueId);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:250:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(attributeValue);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:300:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(chnobuf);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:305:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:310:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:518:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(newrdn);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_po.c:533:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(newsuperior);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c:52:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c:60:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/retrocl/retrocl_rootdse.c:67:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:94:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    len = 3 + strlen(scheme) + strlen(context->algid_base64) + strlen(base) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:94:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    len = 3 + strlen(scheme) + strlen(context->algid_base64) + strlen(base) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:94:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    len = 3 + strlen(scheme) + strlen(context->algid_base64) + strlen(base) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:105:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if ((tmp = slapi_ch_malloc(3 + strlen(scheme) + strlen(base)))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:105:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if ((tmp = slapi_ch_malloc(3 + strlen(scheme) + strlen(base)))) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:233:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (slapi_uniqueIDGenerateFromNameString(&iv, NULL, configdir, strlen(configdir)) != UID_SUCCESS) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:244:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pwitem->data = (unsigned char *)PORT_Alloc(strlen(iv) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:250:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pwitem->len = strlen(iv) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:258:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    salt->data = (unsigned char *)PORT_Alloc(strlen(iv) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:264:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    salt->len = strlen(iv) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:282:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        store->algid_base64 = PL_Base64Encode(der_ascii, strlen(der_ascii), NULL);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:290:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        der_ascii = PL_Base64Decode(alg, strlen(alg), NULL);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rever/pbe.c:457:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    store->length = strlen(clear);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.c:1116:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen((char *)slapi_sdn_get_ndn(rolescopeSDN)) > 0) &&
data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.c:1172:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (*(filter_attr_value + strlen(filter_attr_value) - 1) == ')')) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/roles/roles_cache.c:1968:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv->bv_len = strlen(string);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:285:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(openTime) != 4) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:295:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(hour, openTime, 2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:296:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(min, openTime + 2, 2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:316:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(closeTime) != 4) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:326:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(hour, closeTime, 2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:327:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(min, closeTime + 2, 2);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:646:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                ip_len = strlen(ip);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:670:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                ip_len = strlen(ip);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:701:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t host_len = strlen(host);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:702:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t client_len = strlen(client_host);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:725:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t ip_len = strlen(ip);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:730:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(client_ip) < ip_len) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/rootdn_access/rootdn_access.c:746:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (size_t i = 0; str && i < strlen(str); i++) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_util.c:650:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(p) < 20) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/sync/sync_util.c:682:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            PR_ASSERT(strlen(p) == 14);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:58:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bvfilter_norm.bv_len = strlen(bvfilter_norm.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:237:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size = strlen(initial) + 1; /* add 1 for "^" */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:243:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size += strlen(any[i++]) + 2; /* add 2 for ".*" */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:248:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(final) + 3; /* add 3 for ".*" and "$" */
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:305:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(p, "$");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:345:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(realval, bvp->bv_val, sizeof(buf));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:348:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(realval, bvp->bv_val, tmpbufsize);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:352:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(realval, bvp->bv_val, tmpbufsize);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:673:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tmpval->bv.bv_len = strlen(tmpval->bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:694:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (*ivals)[0]->bv.bv_len = strlen((*ivals)[0]->bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:807:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        initiallen = strlen(altinit);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:831:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(altany[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:843:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        finallen = strlen(altfinal);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/string.c:875:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(altany[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:262:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                v1->bv_len = strlen(alt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:265:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strlen(alt) < buffer_space) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:266:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    v1->bv_len = strlen(alt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:274:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    v1->bv_len = strlen(alt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:307:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                v2->bv_len = strlen(alt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:310:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strlen(alt) < buffer_space) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:311:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    v2->bv_len = strlen(alt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:319:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    v2->bv_len = strlen(alt);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:357:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = (strlen(v1->bv_val) - strlen(v2->bv_val));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/syntaxes/value.c:357:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = (strlen(v1->bv_val) - strlen(v2->bv_val));
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/7bit.c:282:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:382:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        attrLen += strlen((tmp_config->attrs)[i]) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:388:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        fp += strlen((tmp_config->attrs)[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:389:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(fp, " ");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:476:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        attrLen[i] += strlen(attributes[i]);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:496:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        classLen = strlen(requiredObjectClass);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:539:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(fp, "(");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:556:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(fp, ")");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/uiduniq/uid.c:559:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(fp, ")");
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:322:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    usn_berval.bv_len = strlen(usn_berval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:368:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    usn_berval.bv_len = strlen(usn_berval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:711:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            usn_berval.bv_len = strlen(usn_berval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:734:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            usn_berval.bv_len = strlen(usn_berval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn.c:736:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (USN_LAST_USN_ATTR_CORE_LEN + strlen(be->be_name) + 2 > attr_len) {
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn_cleanup.c:85:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strlen(filter) + strlen(cleanup_data->maxusn_to_delete) + 32;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/usn/usn_cleanup.c:85:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strlen(filter) + strlen(cleanup_data->maxusn_to_delete) + 32;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/views/views.c:1307:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            val.bv_len = strlen(theView->viewfilter) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/plugins/whoami/whoami.c:72:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        retbval.bv_len = strlen(retbval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:120:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (rawdn && (strlen(rawdn) > 0) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:858:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:861:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:877:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:885:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:895:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/add.c:899:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:257:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pHdrInfo->dsVersion, pfile_stats->hdr_stats.dsVersion,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:260:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pHdrInfo->dsName, pfile_stats->hdr_stats.dsName,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:263:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pHdrInfo->dsDescription, pfile_stats->hdr_stats.dsDescription,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:266:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pHdrInfo->dsOrganization, pfile_stats->hdr_stats.dsOrganization,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:269:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pHdrInfo->dsLocation, pfile_stats->hdr_stats.dsLocation,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/agtmmap.c:272:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pHdrInfo->dsContact, pfile_stats->hdr_stats.dsContact,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attr.c:458:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/attr.c:884:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(&bvvalcopy[0], vals[duplicate_index]->bv.bv_val, i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:164:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (auditfail_config == NULL || strlen(auditfail_config) == 0 || PL_strcasecmp(auditfail_config, audit_config) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/auditlog.c:275:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    len = strlen(mods[j]->mod_type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ava.c:65:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ava->ava_value.bv_len = strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ancestorid.c:299:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += strlen(rdns1[i]) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ancestorid.c:306:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p += strlen(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:284:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(ep_id);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:935:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf(*out + strlen(*out), "; ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:958:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf(*out + strlen(*out), "%s hash: %lu slots, %d items (%d max "
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:963:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf(*out + strlen(*out), "%d[%d] ", j, slot_stats[j]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:993:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (remove_hash(cache->c_dntable, (void *)ndn, strlen(ndn))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1013:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (remove_hash(cache->c_uuidtable, (void *)uuid, strlen(uuid))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1137:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        found_in_dn = remove_hash(cache->c_dntable, (void *)oldndn, strlen(oldndn));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1140:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        found_in_uuid = remove_hash(cache->c_uuidtable, (void *)olduuid, strlen(olduuid));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1153:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (remove_hash(cache->c_dntable, (void *)newndn, strlen(newndn))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1187:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!add_hash(cache->c_dntable, (void *)newndn, strlen(newndn), newe, (void **)&alte)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1196:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (remove_hash(cache->c_dntable, (void *)newndn, strlen(newndn)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1203:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (newuuid && !add_hash(cache->c_uuidtable, (void *)newuuid, strlen(newuuid), newe, NULL)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1205:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (remove_hash(cache->c_dntable, (void *)newndn, strlen(newndn)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1279:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (remove_hash(cache->c_dntable, (void *)ndn, strlen(ndn)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1383:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (find_hash(cache->c_uuidtable, uuid, strlen(uuid), (void **)&e)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1434:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!add_hash(cache->c_dntable, (void *)ndn, strlen(ndn), e,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1527:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (remove_hash(cache->c_dntable, (void *)ndn, strlen(ndn)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1539:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!add_hash(cache->c_uuidtable, (void *)uuid, strlen(uuid), e,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/cache.c:1543:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (remove_hash(cache->c_dntable, (void *)ndn, strlen(ndn)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:117:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (x = 0; strlen(entries[x]) > 0; x++) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:346:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(BDB_CONFIG(li)->bdb_log_directory) > 0)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:358:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(BDB_CONFIG(li)->bdb_log_directory) > 0)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:1796:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:2217:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bval.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_config.c:2257:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bval.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:219:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(job->task_status);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:224:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(job->task_status, "\n");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:334:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *ppid = strtoul(p + strlen(PARENTID_STR), NULL, 10);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c:1047:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       strlen(value_buffer), value_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:64:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                      job->uuid_namespace, dn, strlen(dn));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:152:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            ret = read(fd, c->b, LDIF_BUFFER_SIZE);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:326:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:404:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            if (read(fd, (void *)&idx, 1) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1237:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *endp = p + strlen(str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1295:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(strids);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1850:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            endrdn = rdn + strlen(rdn) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1932:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        endvalue = *rdnsp + strlen(*rdnsp) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:1936:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        if (0 == strlen(valueptr)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:2336:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3534:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dlen = strlen(dest_dir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3566:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int32_t l = strlen(slapi_entry_get_dn_const(*ep)) + 5 /* "dn: \n" */;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3599:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            attr_name_len = strlen(attr_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3603:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                l = strlen(attr_val->bv_val) + attr_name_len + 3; /* : \n" */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c:3985:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    usn_berval.bv_len = strlen(usn_berval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:32:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(inst->inst_parent_dir_name) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:33:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  strlen(inst->inst_dir_name) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:56:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((value == NULL) || (strlen(value) == 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:181:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen(p) == strlen(LDBM_FILENAME_SUFFIX)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:181:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen(p) == strlen(LDBM_FILENAME_SUFFIX)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_instance_config.c:238:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:2618:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                dbbasenamelen = strlen(dbNamep);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:2619:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                dbnamelen = dbbasenamelen + strlen(a->ai_type) + 6;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:3953:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    num_bytes = strlen(line);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4038:13:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
            sscanf(thisline, "%512[a-z]%c%128s", attribute, &delimiter, value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4394:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (0 != strlen(BDB_CONFIG(li)->bdb_log_directory))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4591:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        return_value = read(source_fd, buffer, 64 * 1024);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:4731:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(inst_dirp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5038:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    (0 != strlen(conf->bdb_log_directory))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5044:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p1len = strlen(prefix) + strlen(*listB) + 100;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5044:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p1len = strlen(prefix) + strlen(*listB) + 100;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5046:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p2len = strlen(dest_dir) + strlen(*listB) + 100;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5046:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p2len = strlen(dest_dir) + strlen(*listB) + 100;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5143:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(path) < 4) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5150:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const char *piece = path + (strlen(path) - 4);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5188:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (is_a_logfile && (NULL != log_dir) && (0 != strlen(log_dir))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5213:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(filename);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5216:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int n = strlen(*p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5404:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    char *p = filename1 + strlen(filename1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5436:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    p = filename1 + strlen(filename1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5484:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (0 != strlen(BDB_CONFIG(li)->bdb_log_directory))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5679:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_write_buffer(prfd, line, strlen(line));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c:5749:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_write_buffer(prfd, line, strlen(line));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:180:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(pdn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:502:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(include[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:624:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:646:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = write(expargs->fd, idstr, strlen(idstr));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:994:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = write(fd, vstr, strlen(vstr));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2601:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    srclen = strlen(src);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2602:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    destlen = strlen(dest);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2615:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int filelen = strlen(direntry->name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2690:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(inst_dirp) + strlen(direntry->name) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:2690:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(inst_dirp) + strlen(direntry->name) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:3195:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    id2entrylen = strlen(ID2ENTRY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:3231:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(ptr) == strlen(BDB_DNFORMAT)) { /* no version */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c:3231:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(ptr) == strlen(BDB_DNFORMAT)) { /* no version */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:22:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);                     \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:131:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(x);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:144:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(mpfstat[i]->file_name) < strlen(inst->inst_dir_name))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:144:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(mpfstat[i]->file_name) < strlen(inst->inst_dir_name))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:147:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(inst->inst_dir_name)) != 0)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_monitor.c:149:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (mpfstat[i]->file_name[strlen(inst->inst_dir_name)] != get_sep(mpfstat[i]->file_name))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_upgrade.c:57:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen(ldbm_version_suss[i].old_version_string)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_upgrade.c:77:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                char *endp = dbversion + strlen(dbversion);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_upgrade.c:280:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((0 == PL_strncasecmp(ldbmversion, BDB_IMPL, strlen(BDB_IMPL))) ||
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_verify.c:44:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmplen = strlen(dbdir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_verify.c:83:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (0 != strncmp(direntry->name, ID2ENTRY, strlen(ID2ENTRY))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_verify.c:109:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (0 == strncmp(direntry->name, VLVPREFIX, strlen(VLVPREFIX))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:68:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:72:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:78:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:84:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:89:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/db-bdb/bdb_version.c:96:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:300:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mylen = strlen(parent_dir) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:308:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mylen = strlen(parent_dir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:315:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mylen += strlen(inst->inst_dir_name) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/dblayer.c:322:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mylen += strlen(inst->inst_dir_name) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/filterindex.c:673:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (len < strlen(f->f_type)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:337:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:513:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bkey->dsize = strlen(bkey->dptr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:530:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *fmt = slapi_ch_malloc(strlen(func) + strlen(note) + strlen(FORMAT) + 30);              \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:530:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *fmt = slapi_ch_malloc(strlen(func) + strlen(note) + strlen(FORMAT) + 30);              \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:530:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *fmt = slapi_ch_malloc(strlen(func) + strlen(note) + strlen(FORMAT) + 30);              \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:697:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:704:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:763:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:827:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            k3.dsize = strlen(kstr3) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:958:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:1014:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:1026:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        k2.dsize = strlen(kstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/idl.c:1590:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    contkey->dsize = strlen(contkey->dptr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1039:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        plen = strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1050:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(prefix) + 1; /* include 0 terminator */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1320:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1404:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plen = strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1840:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.dsize = strlen(prefix) + 1; /* include null terminator */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1870:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plen = strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:1972:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sv.bv.bv_len = strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/index.c:2241:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t len = strlen(indextype);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/instance.c:142:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(cn_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/instance.c:146:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/instance.c:151:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/instance.c:156:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val3);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/instance.c:161:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val4);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:1469:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:1476:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_add.c:1496:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:224:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t vallen = strlen(val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:256:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:270:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:286:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:383:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t preslen = strlen(indextype_PRESENCE);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:384:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t eqlen = strlen(indextype_EQUALITY);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_attr.c:385:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t sublen = strlen(indextype_SUB);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:112:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (x = 0; strlen(entries[x]) > 0; x++) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:928:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(li->li_attrs_to_exclude_from_export[i]) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:936:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p += strlen(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1266:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1686:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bval.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_config.c:1709:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_REPLACE, conftype, strlen(val), val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:661:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:676:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:696:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:713:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:735:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:753:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:784:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:817:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:835:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1179:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1202:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1389:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1411:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1521:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rdn_len = strlen(rdn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1522:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nrdn_len = strlen(nrdn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:1986:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key->size = key->ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2000:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key->size = key->ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2076:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key->size = key->ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2087:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    realkey.size = realkey.ulen = strlen(realkeybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2191:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key->size = key->ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2311:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(nrdn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2485:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2695:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:2835:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:3015:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:3132:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:3228:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c:3330:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c:761:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c:778:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modify.c:291:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:772:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(backentry_get_ndn(e)), backentry_get_ndn(e));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:774:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(backentry_get_ndn(ec)), backentry_get_ndn(ec));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:1978:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        need += strlen(olddns[i]) + 2; /* For the ", " */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:1981:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        need += strlen(newsuperiordns[i]) + 2; /* For the ", " */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:2015:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       strlen(backentry_get_ndn(e)), backentry_get_ndn(e));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c:2017:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       strlen(backentry_get_ndn(*ec)), backentry_get_ndn(*ec));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:223:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size = strlen(f->f_sub_initial) + 1; /* add 1 for "^" */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:227:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(f->f_sub_any[i++]) + 2; /* add 2 for ".*" */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:231:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(f->f_sub_final) + 3; /* add 3 for ".*" and "$" */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldbm_search.c:256:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(p, "$");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldif2ldbm.c:264:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(attrString);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldif2ldbm.c:278:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(ptr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/ldif2ldbm.c:288:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(ptr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:396:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(path);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:466:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    typelen = strlen(type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:548:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    typelen = strlen(type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/misc.c:620:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = strlen(dir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:136:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           numsubordinates, strlen(value_buffer), value_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:173:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(value_buffer), value_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/parents.c:186:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen(value_buffer), value_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/seq.c:133:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t key_length = strlen(val) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:90:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int prefix_size = strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:99:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            candidate_size = strlen(candidate_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:103:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            candidate_size = strlen(candidate_buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:228:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        buffer_size += strlen(t->type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/sort.c:234:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buffer_size += strlen(t->matchrule) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/uniqueid2entry.c:46:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        idv.bv_len = strlen(idv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1755:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(string, vlvi->value.bv_val, vlvi->value.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv.c:1855:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy(p, vlvp->value.bv_val, vlvp->value.bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:68:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        PRUint32 i = strlen(s) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:127:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(p->vlv_filter) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:356:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            length += strlen(pi->vlv_name) + 4;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:369:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                sprintf(text + strlen(text), "'%s', ", pi->vlv_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:825:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filename = slapi_ch_malloc(strlen(pIndex->vlv_name) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:827:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; i < strlen(pIndex->vlv_name); i++) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/back-ldbm/vlv_srch.c:834:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(filename) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/backend_manager.c:396:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    suffixlen = strlen(suffix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/bind.c:141:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/bind.c:341:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(saslmech) > SASL_MECHNAMEMAX) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ch_malloc.c:202:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                      (unsigned long)strlen(s1), oserr, slapd_system_strerror(oserr),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/charray.c:176:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(a[i]) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/charray.c:356:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strncmp(res[j], s, strlen(s)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/compare.c:102:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/config.c:102:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    size_t len = strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:155:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:171:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:188:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(be->be_type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:207:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:221:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:229:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/configdse.c:237:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:482:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        url.bv_len = refer ? strlen(refer) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:1537:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (anon_dn && (strlen(anon_dn) > 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:2115:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dnlen = conn->c_dn ? strlen(conn->c_dn) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/connection.c:2116:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    typelen = conn->c_authtype ? strlen(conn->c_authtype) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:525:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t lendn = ct->c[i].c_dn ? strlen(ct->c[i].c_dn) : 6; /* "NULLDN" */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:526:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t lenip = ct->c[i].c_ipaddr ? strlen(ct->c[i].c_ipaddr) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:565:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((lenconn + lenip + lendn + strlen(maxthreadbuf)) > (BUFSIZ - 54)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:576:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                newbuf = (char *)slapi_ch_malloc(lenconn + lendn + lenip + strlen(maxthreadbuf) + 54);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:592:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(bufptr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:601:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:606:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:611:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:616:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:621:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/conntable.c:626:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:98:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    r += (counter->qname ? strlen(counter->qname) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:99:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    r += (counter->rname ? strlen(counter->rname) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/counters.c:100:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    r += (counter->description ? strlen(counter->description) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/csn.c:381:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(s) < _CSN_VALIDCSN_STRLEN) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:812:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strlen(val) >= 5 && strncmp(val, "{DES}", 5) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1288:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if (read(readsignalpipe, buf, 200) < 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1972:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(tpl) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/daemon.c:1973:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(base) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/delete.c:245:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:162:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ((eq) != subtypestart + strlen(subtypestart) - 3))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:571:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        src_len = strlen(src);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:577:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *dest_len = strlen(*dest);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1193:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rc = slapi_dn_normalize_ext(src, strlen(src), &dest, &dest_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1225:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rc = slapi_dn_normalize_ext(src, strlen(src), &dest, &dest_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1411:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *(substr_dn_normalize_orig(dn, dn + strlen(dn))) = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1422:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *(substr_dn_normalize_orig(dn, dn + strlen(dn))) = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1438:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *(substr_dn_normalize(dn, dn + strlen(dn))) = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1450:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (substr_dn_normalize(dn, end ? end : dn + strlen(dn)));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1533:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rc = slapi_dn_normalize_ext(src, strlen(src), &dest, &dest_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1689:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    suffixlen = strlen(suffix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1690:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dnlen = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1818:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv->bv_len = strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1950:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1965:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:1980:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2137:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(normdn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2151:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(normdn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2168:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(normdn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2182:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(ndn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2198:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(ndn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2212:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sdn->ndn_len = strlen(ndn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2501:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        to->ndn_len = strlen(to->dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2508:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        to->ndn_len = strlen(to->ndn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:2741:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sz += strlen(sdn->udn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:3186:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(ndn) > ndn_len) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:3302:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dn1len = strlen(dn1str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:3303:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dn2len = strlen(dn2str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:3338:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        cp += strlen(*dn1p) + 1 /*,*/;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dn.c:3340:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dn1len = strlen(common);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:568:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dse.c:727:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    size_t estrlen = strlen(entrystr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/dynalib.c:82:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncmp(libpath, PLUGINDIR, strlen(PLUGINDIR)) && libpath[0] != '/') {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:485:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    slapi_value_set(svalue, dn_aval, strlen(dn_aval));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1382:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    attrtypelen = strlen(attrtype);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1472:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t attrtypelen = strlen(attrtype);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1930:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(a->a_type) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:1955:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(e->e_uniqueid) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2299:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(vattr->attrname);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2925:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2942:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2956:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2970:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2984:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:2998:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entry.c:3334:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                slapi_mods_add(smods, LDAP_MOD_DELETE, type, strlen(val), val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entrywsi.c:211:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/entrywsi.c:1530:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            v.bv_len = strlen(SLAPI_ATTR_VALUE_TOMBSTONE);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/extendop.c:48:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(orig, extval->bv_val, extval->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c:2684:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c:2716:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/fedse.c:2726:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:74:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        logbufsize = strlen(*fstr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:148:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    f->f_un.f_un_ava.ava_value.bv_len = strlen(filter_value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:240:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        f->f_avvalue.bv_len = strlen(f->f_avvalue.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:422:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            *fstr = slapi_ch_realloc(*fstr, strlen(*fstr) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:423:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                strlen(ftmp) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:470:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fstr_len = strlen(f->f_sub_type) + SLAPD_TYPICAL_ATTRIBUTE_NAME_MAX_LENGTH;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:499:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (fstr_len <= strlen(*fstr) + strlen(eval) + 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:499:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (fstr_len <= strlen(*fstr) + strlen(eval) + 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:500:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    fstr_len += (strlen(eval) + 1) * 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:513:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (fstr_len <= strlen(*fstr) + strlen(eval) + 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:513:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (fstr_len <= strlen(*fstr) + strlen(eval) + 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:514:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    fstr_len += (strlen(eval) + 1) * 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:517:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(*fstr, "*");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:531:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (fstr_len <= strlen(*fstr) + strlen(eval) + 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:531:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (fstr_len <= strlen(*fstr) + strlen(eval) + 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:532:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    fstr_len += (strlen(eval) + 1) * 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:535:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(*fstr, "*");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:557:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (fstr_len <= strlen(*fstr) + 3) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:562:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(*fstr, "*");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:564:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(*fstr, ")");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1043:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ava->ava_value.bv_len = strlen(newval);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1301:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen(f->f_ava.ava_type) + f->f_ava.ava_value.bv_len + strlen(operator) + 3;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1301:72:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen(f->f_ava.ava_type) + f->f_ava.ava_value.bv_len + strlen(operator) + 3;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1314:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen(f->f_sub_type) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1321:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size = strlen(f->f_sub_initial);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1324:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    buf += strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1331:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    size = strlen(f->f_sub_any[i]) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1334:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        buf += strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1341:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size = strlen(f->f_sub_final) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1344:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    buf += strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1349:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buf += strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1352:17:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
                sprintf(buf, ")");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1359:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen(f->f_type) + 4;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1375:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                buf += strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1378:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buf += strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1381:17:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
                sprintf(buf, ")");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1388:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen(f->f_mr_type) + f->f_mr_value.bv_len + strlen(operator) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1388:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen(f->f_mr_type) + f->f_mr_value.bv_len + strlen(operator) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filter.c:1390:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               (f->f_mr_oid ? strlen(f->f_mr_oid) + 1 /* : */ : 0) + 3;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filtercmp.c:35:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define addhash_str(h, str) addhash((h), (unsigned char *)(str), strlen(str))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filtercmp.c:46:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   normstr ? strlen((char *)normstr) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/filterentry.c:391:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        bv.bv_len = strlen(val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/generation.c:73:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    gen_val.bv_len = strlen(gen_val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:283:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                urlescaped = slapi_ch_calloc(strlen(url) * 3, sizeof(char));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:320:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = strlen(url_to_use);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:971:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bvcreds.bv_len = creds ? strlen(creds) : 0;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1238:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dnlen = strlen(binddn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ldaputil.c:1444:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        interact->len = strlen((char *)(interact->result));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/lenstr.c:35:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:1427:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newlist[ii - 1]->bv_len = strlen(strarray[ii - 1]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:2404:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(value) >= result_size) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8064:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(REFERRAL_REMOVE_CMD);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8107:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                values[ii]->bv_len = strlen((char *)values[ii]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8704:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(str) < 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8715:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(mech) == 0 || strlen(mech) > 20) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/libglobs.c:8715:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(mech) == 0 || strlen(mech) > 20) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:83:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strncmp(p->ai_canonname, info->ai_canonname, strlen(info->ai_canonname)))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:162:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    DN = slapi_ch_malloc(strlen(DNS) + (components * strlen(RDN)) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:162:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    DN = slapi_ch_malloc(strlen(DNS) + (components * strlen(RDN)) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:167:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(DN, ",");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/localhost.c:227:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            c = slapi_ch_malloc(20 + strlen(host));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:465:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(backendstr) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:842:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strlen(value) != 3 ||
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:1927:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    LOG_WRITE_NOW_NO_ERR(fp, buff, strlen(buff), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:1941:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    LOG_WRITE_NOW_NO_ERR(fp, buff, strlen(buff), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2319:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen(buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2436:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int size = strlen(buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2603:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        vlen = strlen(vbuf);                 /* Truncated length */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2828:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:2835:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3328:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rotated_log_len = strlen(pathname) + 17;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3345:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        } else if (0 == strncmp(log_type, dirent->name, strlen(log_type)) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3347:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   15 == strlen(++p) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3524:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (0 == strncmp(log_type, dirent->name, strlen(log_type)) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3526:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            15 == strlen(++p) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:3624:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p += strlen(PREVLOGFILE);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4748:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4755:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4882:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:4889:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:5015:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:5022:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/log.c:5209:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strchr(tbuf, '-') && strlen(tbuf) >= 15) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:452:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(buf, "_");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1476:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (optarg_ext[0] != '-' || strlen(optarg_ext) != 1) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1484:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p = (char *)slapi_ch_malloc(strlen(optarg_ext) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:1835:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        while (NULL != suffixp && strlen(suffixp) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2255:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        (char *)slapi_ch_malloc((unsigned long)(strlen(mcfg->archive_name) + strlen(*instp) + 2));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2255:94:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        (char *)slapi_ch_malloc((unsigned long)(strlen(mcfg->archive_name) + strlen(*instp) + 2));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2814:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(slapd_debug_level_map[i].dle_string);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/main.c:2829:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p += strlen(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:239:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv1.bv_len = strlen(bv1.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:242:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv0.bv_len = strlen(bv0.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:248:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv0.bv_len = strlen(bv0.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:356:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ptr = PL_strnrchr(parent, '"', strlen(parent));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:402:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ptr = PL_strnrchr(cn, '"', strlen(cn));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:3303:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(&smods, LDAP_MOD_REPLACE, "nsslapd-state", strlen(state), state);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/mapping_tree.c:3691:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(current->mtn_subtree->dn) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:636:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (dn && (strlen(dn) > 0) && (NULL == normdn)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:833:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        pw_mod->mod_bvalues[i]->bv_len = strlen(userpwd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:851:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            bval.bv_len = strlen(password);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:878:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                bval.bv_len = strlen(unhashed_pwd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modify.c:1386:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                mod->mod_bvalues[j]->bv_len = strlen(hashedval);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modrdn.c:143:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modutil.c:326:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slapi_mods_add(smods, modtype, type, strlen(val), val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/modutil.c:804:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int len = strlen(mod->mod_type);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:55:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:84:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:90:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/monitor.c:110:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:140:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:143:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:159:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:168:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:179:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:301:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (base && (strlen(base) > 0) && (NULL == normbase)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:358:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LOG_ACCESS_FORMAT_BUFSIZ(arg, logstr, bufsiz) ((strlen(arg)) < (bufsiz) ? (logstr "%s") : \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/opshared.c:361:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LOG_ACCESS_FORMAT_ATTR_BUFSIZ(arg, logstr, bufsiz) ((strlen(arg)) < (bufsiz) ? (logstr "%s") : \
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pagedresults.c:255:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ber_printf(ber, "{io}", estimate, cookie_str, strlen(cookie_str));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pblock.c:454:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(SLAPD_AUTH_SASL)) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pblock.c:4461:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (anon_dn && (strlen(anon_dn) > 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:609:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((int)strlen(p->plg_pwdstorageschemename) == len) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:631:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(p->plg_pwdstorageschemename) + 3;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:2576:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    desc.bv_len = strlen(desc.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:3059:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(plugins[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin.c:3064:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(plugins[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/plugin_syntax.c:307:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            dn_bval.bv_len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/protect_db.c:101:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            nb_bytes = read(fd, (void *)&owning_pid, sizeof(pid_t));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/proxyauth.c:113:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (NULL == spec->auth_dn || strlen(spec->auth_dn) < 3 ||
data/389-ds-base-1.4.4.8/ldap/servers/slapd/proxyauth.c:120:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memmove(spec->auth_dn, spec->auth_dn + 3, strlen(spec->auth_dn) - 2); /* 1 for '\0' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:279:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p = plugin_get_pwd_storage_scheme(ssha, strlen(ssha), PLUGIN_LIST_PWD_STORAGE_SCHEME);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:283:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p = plugin_get_pwd_storage_scheme(pbkdf, strlen(pbkdf), PLUGIN_LIST_PWD_STORAGE_SCHEME);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:289:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p = plugin_get_pwd_storage_scheme(name, strlen(name), PLUGIN_LIST_PWD_STORAGE_SCHEME);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:297:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pwsp->pws_len = strlen(pwsp->pws_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:475:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    *encrypt = cipher + strlen(*algid) + strlen(schemaName) + 3;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:475:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    *encrypt = cipher + strlen(*algid) + strlen(schemaName) + 3;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:488:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                *encrypt = cipher + strlen(schemaName) + 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:526:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                pwsp->pws_len = strlen(pwsp->pws_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:849:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(new);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1412:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t h0sz = strlen(h0str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1413:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t h1sz = strlen(h1str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1613:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    new_ctrl.ldctl_value.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1679:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1691:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1707:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv.bv_len = strlen(bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:1776:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ep = sp + strlen(sp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:3235:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_mods_add(smods, LDAP_MOD_REPLACE, "shadowMin", strlen(shmin), shmin);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:3240:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_mods_add(smods, LDAP_MOD_REPLACE, "shadowMax", strlen(shmax), shmax);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/pw.c:3245:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        slapi_mods_add(smods, LDAP_MOD_REPLACE, "shadowWarning", strlen(shwarn), shwarn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:127:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int len = strlen(dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:410:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            *value = *type + strlen(*type) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:622:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            r = slapi_rdn_contains(rdn2, type, value, strlen(value));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:915:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += strlen(*rdnp) + 1; /* 1 for ',' */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:943:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t mylen = strlen(*rdnp) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:1046:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sz += strlen(srdn->rdn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:1049:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sz += strlen(srdn->nrdn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:1053:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sz += strlen(*ptr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:1058:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sz += strlen(*ptr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rdn.c:1063:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sz += strlen(*ptr) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:204:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(urls[i]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:217:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        urlscopy[i]->bv_len = strlen(urlscopy[i]->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:323:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            add_len = strlen(opdn_norm) - slapi_sdn_get_ndn_len(refsdn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:324:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            cur_len = strlen(*urlp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:330:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                memmove(p + add_len, p, strlen(p) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:342:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            add_len = strlen(opdn_norm);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:349:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        cur_len = strlen(*urlp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:354:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(*urlp, "/");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:483:97:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        new_referral_string = slapi_ch_smprintf("%s%s", LDAPS_URL_PREFIX, old_referral_string + strlen(LDAP_URL_PREFIX));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:485:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p = new_referral_string + (strlen(LDAPS_URL_PREFIX) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/referral.c:495:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bv->bv_len = strlen(bv->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/regex.c:93:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   strlen(subject),          /* the length of the subject */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/regex.c:140:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   strlen(subject),          /* the length of the subject */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:480:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len += strlen(text) + 1; /* text + newline */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:490:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(buf, "\n");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:494:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(buf, "\n");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1634:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen("entryLevelRights: ")) == 0 &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1636:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen("attributeLevelRights: ")) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1637:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            entryrights = gerstr + strlen("entryLevelRights: ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1639:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            attributerights = p + 1 + strlen("attributeLevelRights: ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1640:72:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ber_printf(ber, "{s[o]}", "entryLevelRights", entryrights, strlen(entryrights));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1641:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ber_printf(ber, "{s[o]}", "attributeLevelRights", attributerights, strlen(attributerights));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1895:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(notemap[i].snp_string);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/result.c:1924:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(notemap[i].snp_detail);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:68:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen(writable_attributes[i])) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:75:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        strlen(readonly_attributes[i])) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:129:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:136:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:160:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(base) + strlen(be_name) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:160:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(base) + strlen(be_name) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:178:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(strs[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:189:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(strs[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:200:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(strs[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:211:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val.bv_len = strlen(strs[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:238:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:241:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:247:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:258:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:269:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/rootdse.c:295:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:373:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        desc.bv_len = strlen(desc.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:610:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t userrealmlen = strlen(sasl_user_and_realm);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:613:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                userrealmlen + strlen(dp->template_base_dn) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/sasl_map.c:615:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                userrealmlen + strlen(dp->template_search_filter) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/saslbind.c:189:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *len = strlen(*result);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/saslbind.c:434:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *out_ulen = strlen(out_user);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:607:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t ocname_len = strlen(ocname);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:976:85:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (((strncasecmp(oc->oc_name, ocname_or_oid, len) == 0) && (len == strlen(oc->oc_name))) ||
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:978:84:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     (strncasecmp(oc->oc_oid, ocname_or_oid, len) == 0) && (len == strlen(oc->oc_oid)))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1436:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            aliaslen += strlen(asip->asi_aliases[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1454:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sizedbuffer_allocate(aew->psbAttrTypes, 256 + strlen(asip->asi_oid) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1455:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                strlen(asip->asi_name) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1457:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                strlen(syntaxoid) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1600:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sizedbuffer_allocate(sew->psbSyntaxDescription, strlen(oid) + 5);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1605:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                             strlen(oid) + strlen(desc) + 13);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1605:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                             strlen(oid) + strlen(desc) + 13);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1611:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(sew->psbSyntaxDescription->buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1735:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = 256 + strlen_null_ok(oc->oc_oid) + strlen(oc->oc_name) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1740:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size += 16 + strlen(required[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1745:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size += 16 + strlen(allowed[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1760:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(psbObjectClasses->buffer, "'");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1776:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                    strcat(psbObjectClasses->buffer, " ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1788:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(psbObjectClasses->buffer, " ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1799:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(psbObjectClasses->buffer, ")");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1801:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(psbObjectClasses->buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1820:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                  strlen(mr_name) + strlen(mr_desc) + strlen_null_ok(mrl->mr_entry->mr_syntax));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1820:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                  strlen(mr_name) + strlen(mr_desc) + strlen_null_ok(mrl->mr_entry->mr_syntax));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1833:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p = psbMatchingRule->buffer + strlen(psbMatchingRule->buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1836:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p += strlen(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1840:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p += strlen(p);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:1845:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        val.bv_len = strlen(psbMatchingRule->buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2472:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sizedbuffer_allocate(psbAttrName, strlen(attr_ldif) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2473:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sizedbuffer_allocate(psbAttrOid, strlen(attr_ldif) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2474:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sizedbuffer_allocate(psbAttrSyntax, strlen(attr_ldif) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2695:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        psbOcName = sizedbuffer_construct(strlen(pnew_oc->oc_name) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:2696:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        psbOcOid = sizedbuffer_construct(strlen(pnew_oc->oc_oid) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3894:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(name) + 80) < BUFSIZ) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3909:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((strlen(name) + 80) < BUFSIZ) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:3964:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length_oid = strlen(oid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4462:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p = buf + strlen(buf); /* skip past existing content */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4504:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4510:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len += strlen(qdlist[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4515:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p = start = buf + strlen(buf); /* skip past existing content */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4561:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (strlen(s));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4709:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (0 == strncasecmp(oc_name, strval, len) && (len == strlen(oc_name))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:4713:90:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (NULL != oc_oid && (0 == strncasecmp(oc_oid, strval, len)) && (len == strlen(oc_oid))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5107:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(oc->oc_oid);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5109:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(oc->oc_name);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5111:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size += strlen(oc->oc_desc);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5114:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(oc->oc_orig_required[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5120:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size += strlen(oc->oc_orig_allowed[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5124:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size += strlen(schema_oc_kind_strings_with_spaces[oc->oc_kind]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5139:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(oc_str, "'");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:5145:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(oc_str, "'");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:6158:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                bv->bv_len = strlen(object->old_value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/schema.c:6178:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            bv->bv_len = strlen(object->new_value);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/search.c:121:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (rawbase && strlen(rawbase) == 0 && scope != LDAP_SCOPE_BASE) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/search.c:133:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ((rawbase && strlen(rawbase) > 0) || (scope != LDAP_SCOPE_BASE)) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/search.c:159:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!minssf_exclude_rootdse || (rawbase && strlen(rawbase) > 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:47:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CG2_HEADER_LEN strlen(CG2_HEADER_FORMAT)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:80:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        prefix_len = strlen(prefix);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:142:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((strlen(s) >= CG2_HEADER_LEN) && strncmp(s, CG2_HEADER_FORMAT, CG2_HEADER_LEN) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/slapi_pal.c:146:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size_t nl = strlen(res) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:135:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
        strncpy(g_get_global_snmp_vars()->int_tbl[i].dsName, "Not Available",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:143:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
        strncpy(g_get_global_snmp_vars()->int_tbl[i].dsURL, "Not Available",
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:154:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(stats->hdr_stats.dsVersion, SLAPD_VERSION_STR,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:208:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(g_get_global_snmp_vars()->int_tbl[index].dsName, dsName,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:223:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(g_get_global_snmp_vars()->int_tbl[index].dsURL, dsURL,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:631:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(stats->int_stats[i].dsName, g_get_global_snmp_vars()->int_tbl[i].dsName,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/snmp_collator.c:639:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(stats->int_stats[i].dsURL, g_get_global_snmp_vars()->int_tbl[i].dsURL,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:628:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(raw) > MAGNUS_ERROR_LEN) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:955:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strncmp(mountpoint, private_mountpoint, strlen(private_mountpoint)) == 0) && /* mountpoint=/tmp */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:1043:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(certdir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2880:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pwitem.len = (unsigned int)strlen(keyEncPwd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:2893:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pwitem.len = strlen((const char *)randomPassword);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/ssl.c:3044:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memset(randomPassword, 0, strlen((const char *)randomPassword));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/str2filter.c:376:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = strlen(value), len2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/str2filter.c:401:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (0 == strncasecmp(str, "objectclass", strlen("objectclass")))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/str2filter.c:409:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (0 == strncasecmp(str, "nsuniqueid", strlen("nsuniqueid")))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/str2filter.c:419:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        f->f_avvalue.bv_len = strlen(f->f_avvalue.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/str2filter.c:441:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/strdup.c:24:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((p = (char *)malloc(strlen(s) + 1)) == NULL)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:228:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = 2 + strlen(buffer) + (task->task_log ? strlen(task->task_log) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:228:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = 2 + strlen(buffer) + (task->task_log ? strlen(task->task_log) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:234:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i = strlen(task->task_log) / 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:239:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(task->task_log) - i + 2 + strlen(buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:239:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(task->task_log) - i + 2 + strlen(buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:254:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(task->task_log, "\n");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:293:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = 2 + strlen(buffer) + (task->task_log ? strlen(task->task_log) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:293:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = 2 + strlen(buffer) + (task->task_log ? strlen(task->task_log) : 0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:299:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i = strlen(task->task_log) / 2;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:304:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(task->task_log) - i + 2 + strlen(buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:304:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(task->task_log) - i + 2 + strlen(buffer);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:319:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(task->task_log, "\n");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:1135:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                this_ldif_file = (char *)slapi_ch_malloc(strlen(ldif_file) +
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:1136:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                         strlen(*inp) + 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2726:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (charray_inlist(backends, suffix) || strlen(suffix) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/task.c:2769:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        if (strlen(val) >= 5 && strncmp(val, "{DES}", 5) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:32:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((s = (char *)slapi_ch_malloc(strlen(dir) + 14)) == NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tempnam.c:37:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(s, "/");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/clients/reqextop.c:50:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    valrequest.bv_len = strlen("My Value");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.c:54:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key->size = strlen(key_string);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.c:83:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    data.size = strlen(data_dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testdbinterop.c:155:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    data_sz = (PRInt32)strlen(data_dnp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testextendedop.c:97:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    retval = (char *)slapi_ch_malloc(bval->bv_len + strlen(msg) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testextendedop.c:100:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    retbval.bv_len = strlen(retbval.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testgetip.c:135:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(buf) > 7 && strncmp(buf, "::ffff:", 7) == 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/test-plugins/testpreop.c:128:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tmp = (char *)malloc(5 + strlen(s));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:34:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    timebuf[strlen(timebuf) - 1] = '\0'; /* strip out return */
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:192:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *bufsize = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:243:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *bufsize = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:397:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    into->bv_len = strlen(into->bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:484:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tbv.bv_len = strlen(from);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:506:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    endp = input + strlen(input) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/time.c:574:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    endp = input + strlen(input) - 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:284:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf((char *)buf + strlen(buf), "%d ", idl->id[i]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:286:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(buf) > MAX_BUFFER - MIN_BUFFER) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:302:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(*buff);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:314:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (*buff) += strlen(*buff) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:807:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:852:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:895:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    key.size = key.ulen = strlen(keybuf) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/dbscan.c:1267:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        key.size = strlen(find_key) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/eggencode.c:34:17:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while ((c = getchar()) != EOF) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:205:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        interact->len = strlen((char *)(interact->result));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:243:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(newvalue);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:249:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldaptool-sasl.c:271:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        interact->len = strlen(interact->result);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:60:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = strlen(str) - 1; (i >= 0) && (str[i] != '.'); i--)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:136:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (char *)malloc(strlen(fileName) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:340:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(line) > 0) && (line[strlen(line) - 1] == '\n'))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:340:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(line) > 0) && (line[strlen(line) - 1] == '\n'))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/data.c:341:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            line[strlen(line) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:156:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tttctx->bufBindDN, mctx.rndBindDlf->str[num], i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:214:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(&(tttctx->bufBindDN[tttctx->startBindDN]), tttctx->buf2,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:223:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(&(tttctx->bufPasswd[tttctx->startPasswd]), tttctx->buf2,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:250:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cred.bv_len = strlen(tttctx->bufPasswd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:517:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            cred.bv_len = strlen(passwd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:638:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(&(tttctx->bufSaslAuthid[tttctx->startSaslAuthid]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:697:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                cred.bv_len = strlen(passwd);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1028:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(&(tttctx->bufBaseDN[tttctx->startBaseDN]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1042:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(&(tttctx->bufAttrpl[tttctx->startAttrpl]), /*JLS 21-11-00*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1061:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(tttctx->bufFilter, "=");                                     /*JLS 23-03-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1078:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(&(tttctx->bufFilter[tttctx->startRandom]),
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1108:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(&(tttctx->bufFilter[tttctx->startRandom]), tttctx->buf2,
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1319:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(newDn, ",");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1382:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(newDn, ",");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1493:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(newDn, ",");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1693:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(attrName, nodeDN, i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:1707:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(attrVal, nodeDN + i + 1, j - i - 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2374:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(ldclt_write_genldif_pt, str, lgth);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2407:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ldclt_write_genldif(newDn, strlen(newDn));                /*JLS 02-04-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2412:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            strlen(attrs[i]->mod_type));      /*JLS 02-04-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:2415:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            strlen(attrs[i]->mod_values[0])); /*JLS 02-04-01*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldapfct.c:3600:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        NULL == attrs || NULL == *attrs || 0 == strlen(*attrs)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:892:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; (i < strlen(src)) && (src[i] != 'X'); i++)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:900:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(*head, src, i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:903:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (j = i; (i < strlen(src)) && (src[j] == 'X'); j++)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:905:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *tail = (char *)malloc(strlen(src) - j + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1119:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for (i = 0; (i < strlen(mctx.attrpl)) && /*JLS 21-11-00*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1124:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(mctx.attrplName, mctx.attrpl, i); /*JLS 21-11-00*/
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1147:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for (i = 0; (i < strlen(mctx.attrpl)) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1152:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(mctx.attRef, mctx.attrpl, i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1158:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mctx.attRefDef = (char *)malloc(strlen(mctx.attrpl + i) + 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1164:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(mctx.attRefDef, mctx.attrpl + i + 1, strlen(mctx.attrpl + i + 1));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1164:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(mctx.attRefDef, mctx.attrpl + i + 1, strlen(mctx.attrpl + i + 1));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1165:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mctx.attRefDef[strlen(mctx.attrpl + i + 1)] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1176:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for (i = 0; (i < strlen(mctx.attrpl)) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1181:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(mctx.attrplName, mctx.attrpl, i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1187:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl + i) + 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1193:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(mctx.attrplFile, mctx.attrpl + i + 1, strlen(mctx.attrpl + i + 1));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1193:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(mctx.attrplFile, mctx.attrpl + i + 1, strlen(mctx.attrpl + i + 1));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1194:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mctx.attrplFile[strlen(mctx.attrpl + i + 1)] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1573:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(attr);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1640:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((list == NULL) || (!(strlen(list)))) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1649:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    while (start < strlen(list)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1661:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(mctx.attrlist[mctx.attrlistNb], &(list[start]), end - start);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:1704:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(mctx.object.rdnName, value, i);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2189:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        lgth += strlen(argv[i]) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2197:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(argvList, " ");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2201:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(argvList, "\"");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/ldclt.c:2203:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(argvList, "\"");
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/opCheck.c:142:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            attribs[i].length = strlen(mods[i]->mod_values[0]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/opCheck.c:543:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            if ((nbRead = read(pfd.fd, recOper, sizeof(repconfirm))) < 0)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/opCheck.c:553:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            if ((nbRead = read(pfd.fd, recOper->dn + sizeof(recOper->dn), recOper->dnSize)) < 0)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:170:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(how, variant, end);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:184:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(first, variant + start, end - start);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:201:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(second, variant + start, end - start);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:219:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(third, variant + start, end - start);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:353:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(variant, line + start, end - start);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:379:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(field->cst, line + start, end - start);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:441:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(obj->attribs[obj->attribsNb].name, line, end);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:494:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(line) > 0) && (line[strlen(line) - 1] == '\n'))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:494:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(line) > 0) && (line[strlen(line) - 1] == '\n'))
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/parser.c:495:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            line[strlen(line) - 1] = '\0';
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repcheck.c:73:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sz = strlen(pendops[i].dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/repslave.c:161:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sz = strlen(pendops[i].dn);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:353:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(new->dn, dn, sizeof(new->dn));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:500:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filter = (char *)malloc((4 + strlen(attname)) * sizeof(char));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/scalab01.c:538:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(value, vals[0]->bv_val, vals[0]->bv_len);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/srv.c:99:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        while (read(newfd, buff, 512) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:538:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tttctx->lastMsgId->str, str, sizeof(tttctx->lastMsgId->str));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:540:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tttctx->lastMsgId->dn, dn, sizeof(tttctx->lastMsgId->dn));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:826:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tttctx->bufFilter = (char *)malloc(strlen(mctx.filter) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:836:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                tttctx->startRandom = strlen(mctx.randomHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:853:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tttctx->bufBaseDN = (char *)malloc(strlen(mctx.baseDN) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:863:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tttctx->startBaseDN = strlen(mctx.baseDNHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:876:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tttctx->bufBindDN = (char *)malloc(strlen(mctx.bindDN) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:885:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tttctx->startBindDN = strlen(mctx.bindDNHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:900:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tttctx->bufPasswd = (char *)malloc(strlen(mctx.passwd) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:909:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tttctx->startPasswd = strlen(mctx.passwdHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:933:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tttctx->bufSaslAuthid = (char *)malloc(strlen(mctx.sasl_authid) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:942:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tttctx->startSaslAuthid = strlen(mctx.sasl_authid_head);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:954:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tttctx->bufAttrpl = (char *)malloc(strlen(mctx.attrpl) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/ldclt/threadMain.c:960:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tttctx->startAttrpl = strlen(mctx.attrplHead);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:64:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(depname) > 2) &&
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:65:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (strcmp(depname + strlen(depname) - 2, ".h") == 0)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/mkdep.c:271:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(filename);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:68:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    r = slapi_ch_calloc(1, strlen(orig) + 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/tools/pwenc.c:79:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                memmove(s + 1, s + 3, strlen(s + 3) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uniqueid.c:266:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(buff) != strlen(format)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uniqueid.c:266:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(buff) != strlen(format)) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uniqueidgen.c:216:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(configDir) == 0)
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8.c:128:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    endp = s + strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:40:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen((const char *)s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:54:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tail = s + strlen((char *)s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:844:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen((char *)s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:1828:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen((char *)s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:2122:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t0 = d0 + strlen((char *)d0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:2123:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t1 = d1 + strlen((char *)d1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:2241:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t0 = d0 + strlen((char *)d0);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/utf8compare.c:2242:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t1 = d1 + strlen((char *)d1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:122:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:324:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    filter_len = strlen(buf);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:449:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        filter_len = strlen(filter_str);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:492:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const char *end = s + strlen(s);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:761:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                vlen = strlen(*mvp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:844:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dirs = (char **)slapi_ch_calloc(strlen(path), sizeof(char *));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:845:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rdirs = (char **)slapi_ch_calloc(strlen(path), sizeof(char *));
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:857:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (0 != strcmp(dnamep, ".") && strlen(dnamep) > 0) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:920:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(relpath) + strlen(abspath) + 1 > MAXPATHLEN) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:920:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(relpath) + strlen(abspath) + 1 > MAXPATHLEN) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:928:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                abspath[strlen(abspath) - 1] != _CSEP) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:939:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int pathlen = strlen(abspath) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:942:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int thislen = strlen(*np) + 1;
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1084:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(a[ii]);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1370:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memmove(ptr, ptr + 3, strlen(ptr + 3) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1377:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memmove(fullname, fullname + 3, strlen(fullname) - 2);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1408:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(rdn) < (size_t)util_uniqueidlen) {
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1437:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            endp = rp + strlen(rp);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/util.c:1613:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(dir);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:294:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((char *)net_nsid.node, (char *)nsid.node, 6);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:433:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        path = (char *)slapi_ch_malloc(strlen(STATE_FILE) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:625:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/uuid.c:629:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(val.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:341:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        value->bv.bv_len = strlen(strVal);
data/389-ds-base-1.4.4.8/ldap/servers/slapd/value.c:356:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        value->bv.bv_len = strlen(value->bv.bv_val);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:600:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(context->hdr_tbl.dsDescription));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:606:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(context->hdr_tbl.dsVersion));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:612:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(context->hdr_tbl.dsOrganization));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:618:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(context->hdr_tbl.dsLocation));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:624:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(context->hdr_tbl.dsContact));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:630:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(context->hdr_tbl.dsName));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:681:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsDescription));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:686:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsVersion));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:692:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsLocation));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:698:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsContact));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:746:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsDescription));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:751:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsVersion));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/ldap-agent.c:757:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(ctx->hdr_tbl.dsLocation));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:149:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((log_hdl->token = malloc(strlen(agent_logdir) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:150:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen(LDAP_AGENT_LOGFILE) + 2)) != NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:151:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy((char *)log_hdl->token, agent_logdir, strlen(agent_logdir) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:151:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncpy((char *)log_hdl->token, agent_logdir, strlen(agent_logdir) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:153:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (*(agent_logdir + strlen(agent_logdir)) != '/')
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:154:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                    strcat((char *)log_hdl->token, "/");
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:156:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                ((char *)log_hdl->token)[(strlen(agent_logdir) + strlen(LDAP_AGENT_LOGFILE) + 1)] = (char)0;
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:156:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                ((char *)log_hdl->token)[(strlen(agent_logdir) + strlen(LDAP_AGENT_LOGFILE) + 1)] = (char)0;
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:289:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((pidfile = malloc(strlen(LOCALSTATEDIR) + strlen("/run/") +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:289:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((pidfile = malloc(strlen(LOCALSTATEDIR) + strlen("/run/") +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:290:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          strlen(LDAP_AGENT_PIDFILE) + 1)) != NULL) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:291:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pidfile, LOCALSTATEDIR, strlen(LOCALSTATEDIR) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:291:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncpy(pidfile, LOCALSTATEDIR, strlen(LOCALSTATEDIR) + 1);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:295:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pidfile[strlen(LOCALSTATEDIR)] = (char)0;
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:305:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (p = (conf_path + strlen(conf_path) - 1); p >= conf_path; p--) {
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:308:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(agent_logdir, conf_path, (p - conf_path));
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:331:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if ((agentx_master = (char *)malloc(strlen(p) + 1)) != NULL)
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:343:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if ((agent_logdir = (char *)malloc(strlen(p) + 1)) != NULL)
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:367:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                serv_p->dse_ldif = malloc(strlen(p) + strlen(SYSCONFDIR) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:367:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                serv_p->dse_ldif = malloc(strlen(p) + strlen(SYSCONFDIR) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:368:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                          strlen(PACKAGE_NAME) + 12);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:370:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    snprintf(serv_p->dse_ldif, strlen(p) + strlen(SYSCONFDIR) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:370:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    snprintf(serv_p->dse_ldif, strlen(p) + strlen(SYSCONFDIR) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:371:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                   strlen(PACKAGE_NAME) + 12,
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:374:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    serv_p->dse_ldif[(strlen(p) + strlen(SYSCONFDIR) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:374:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    serv_p->dse_ldif[(strlen(p) + strlen(SYSCONFDIR) +
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:375:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                      strlen(PACKAGE_NAME) + 11)] = (char)0;
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:386:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                serv_p->stats_sem_name = malloc(strlen(p) + 8);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:388:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    snprintf(serv_p->stats_sem_name, strlen(p) + 8, "/%s.stats", p);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:452:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            serv_p->stats_file = malloc(vlen + (instancename ? strlen(instancename) : 0) + 8);
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:454:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                snprintf(serv_p->stats_file, vlen + strlen(instancename) + 8,
data/389-ds-base-1.4.4.8/ldap/servers/snmp/main.c:456:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                serv_p->stats_file[(vlen + strlen(instancename) + 7)] = (char)0;
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:140:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    dnlen = strlen(domain);
data/389-ds-base-1.4.4.8/lib/base/dnsdmain.cpp:146:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	hnlen = strlen(hname);
data/389-ds-base-1.4.4.8/lib/base/file.cpp:54:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(S_ISREG(finfo->st_mode) && (path[strlen(path) - 1] == '/')) {
data/389-ds-base-1.4.4.8/lib/base/file.cpp:276:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    msglen = strlen(lmsg);
data/389-ds-base-1.4.4.8/lib/base/pool.cpp:466:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(orig_str);
data/389-ds-base-1.4.4.8/lib/base/shexp.cpp:115:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *e2 = (char *) MALLOC(sizeof(char)*strlen(exp));
data/389-ds-base-1.4.4.8/lib/base/shexp.cpp:228:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(x=strlen(exp)-1;x;--x) {
data/389-ds-base-1.4.4.8/lib/base/system.cpp:225:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(ptr);
data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c:381:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        auto char *typeEnd = AVA + strlen(AVA);
data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c:383:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memmove(typeEnd + 1, value, strlen(value) + 1);
data/389-ds-base-1.4.4.8/lib/ldaputil/cert.c:392:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (AVA + strlen(AVA) + 1);
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:768:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(certmap_info->searchAttr) + strlen(subjectDN) +
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:768:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(certmap_info->searchAttr) + strlen(subjectDN) +
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:769:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              strlen("=") + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:972:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *len += strlen(buf);
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:1004:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(filter + *flen, ")");
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:1107:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (*filter_out)[strlen(*filter_out) - 1] = 0;
data/389-ds-base-1.4.4.8/lib/ldaputil/certmap.c:1110:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(filter + flen, ")");
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:145:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        end = ptr + strlen(ptr) - 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:157:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int dbname_len = strlen(dbname);
data/389-ds-base-1.4.4.8/lib/ldaputil/dbconf.c:667:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        heap += strlen(db->dbname) + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/encode.c:137:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(val);
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:116:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen("cn=, ou=, o=, c=") + strlen(cn_val[0]) + strlen(ou_val) +
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:116:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen("cn=, ou=, o=, c=") + strlen(cn_val[0]) + strlen(ou_val) +
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:116:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen("cn=, ou=, o=, c=") + strlen(cn_val[0]) + strlen(ou_val) +
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:117:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strlen(o_val[0]) + (c_val ? strlen(c_val[0]) : strlen("US")) + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:117:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strlen(o_val[0]) + (c_val ? strlen(c_val[0]) : strlen("US")) + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:117:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          strlen(o_val[0]) + (c_val ? strlen(c_val[0]) : strlen("US")) + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:126:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen("mail=") + strlen(e_val[0]) + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/examples/plugin.c:126:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen("mail=") + strlen(e_val[0]) + 1;
data/389-ds-base-1.4.4.8/lib/ldaputil/init.c:48:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int suffix_len = strlen(DLL_SUFFIX);
data/389-ds-base-1.4.4.8/lib/ldaputil/init.c:57:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int len = strlen(libname);
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:50:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(s);
data/389-ds-base-1.4.4.8/lib/libaccess/acl.tab.cpp:164:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                	len = strlen(val);
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:562:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			     (c = getc( aclin )) != EOF && c != '\n'; ++n ) \
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1879:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(s);
data/389-ds-base-1.4.4.8/lib/libaccess/acl.yy.cpp:1942:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		acl_buffer_length = strlen(buffer);
data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp:118:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		    strncpy(msgbuf, efp->ef_errv[0], maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp:125:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		        strncpy(msgbuf, XP_GetAdminStr(DBT_AclerrfmtAclerrfail), maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp:128:25:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                        strncpy(msgbuf, aclerrnomem, maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp:131:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		        strncpy(msgbuf, aclerrinternal, maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp:134:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		        strncpy(msgbuf, aclerrinval, maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/aclerror.cpp:140:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(msgbuf);
data/389-ds-base-1.4.4.8/lib/libaccess/aclutil.cpp:161:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(token);
data/389-ds-base-1.4.4.8/lib/libaccess/aclutil.cpp:195:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*len = strlen(token);
data/389-ds-base-1.4.4.8/lib/libaccess/authdb.cpp:149:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(dbtypestr, url, prefix_len);
data/389-ds-base-1.4.4.8/lib/libaccess/lasdns.cpp:138:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end_attr_pattern = attr_pattern + strlen(attr_pattern);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:78:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(netmaskstr) >= sizeof(token)) {
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:82:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(ipstr) >= sizeof(token)) {
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:96:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(token, netmaskstr, dotidx);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:116:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(token, ipstr, dotidx);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:257:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        delimiter    = (delimiter <= strlen(curptr)) ? delimiter : strlen(curptr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:257:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        delimiter    = (delimiter <= strlen(curptr)) ? delimiter : strlen(curptr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:258:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(token, curptr, delimiter);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:278:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    delimiter = (delimiter <= strlen(curptr)) ? delimiter : strlen(curptr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:278:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    delimiter = (delimiter <= strlen(curptr)) ? delimiter : strlen(curptr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:282:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy(token2, curptr, delimiter);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:315:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    delimiter = (delimiter <= strlen(curptr)) ?	delimiter : strlen(curptr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:315:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    delimiter = (delimiter <= strlen(curptr)) ?	delimiter : strlen(curptr);
data/389-ds-base-1.4.4.8/lib/libaccess/lasip.cpp:316:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy(token2, curptr, delimiter);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:147:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(start, pattern, dash-pattern);
data/389-ds-base-1.4.4.8/lib/libaccess/lastod.cpp:151:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strlen(dash+1) >= sizeof(end)) {
data/389-ds-base-1.4.4.8/lib/libaccess/lasuser.cpp:117:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    int len = strlen(user);
data/389-ds-base-1.4.4.8/lib/libaccess/nsautherr.cpp:86:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(msgbuf, nsaerrnomem, maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/nsautherr.cpp:87:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(nsaerrnomem);
data/389-ds-base-1.4.4.8/lib/libaccess/nsautherr.cpp:92:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(msgbuf, nsaerrinval, maxlen);
data/389-ds-base-1.4.4.8/lib/libaccess/nsautherr.cpp:93:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(nsaerrinval);
data/389-ds-base-1.4.4.8/lib/libadmin/template.c:63:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(tmp) > (unsigned)BIG_LINE)
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:42:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    result = (char *)MALLOC(strlen("/tmp/lock.%%s.") + strlen(port) + 4);
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:42:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    result = (char *)MALLOC(strlen("/tmp/lock.%%s.") + strlen(port) + 4);
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:57:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ans = (char *)MALLOC((strlen(str) * strlen(linefeed)) + 32);
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:57:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ans = (char *)MALLOC((strlen(str) * strlen(linefeed)) + 32);
data/389-ds-base-1.4.4.8/lib/libadmin/util.c:139:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            int len = strlen(cookie);
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:113:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
                    strncpy(cptr, "in DB file", 10);
data/389-ds-base-1.4.4.8/lib/libsi18n/makstrdb.c:141:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dbfile = (char *)malloc(strlen(DATABASE_NAME) + 20);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:74:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nLeft = strlen(txtfile->fbCurrent);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:103:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        return strlen(linebuf);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:112:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                return strlen(linebuf);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:126:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                txtfile->fbCurrent = txtfile->fbCurrent + strlen(linebuf);
data/389-ds-base-1.4.4.8/lib/libsi18n/txtfile.c:129:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        return strlen(linebuf);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/config.c:186:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((len = strlen(line)) < 2) {
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/delete.c:125:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (slapi_dn_issuffix(childdn, parentdn) && strlen(childdn) > strlen(parentdn)) {
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/delete.c:125:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (slapi_dn_issuffix(childdn, parentdn) && strlen(childdn) > strlen(parentdn)) {
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:106:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newdn = (char *)malloc(strlen(pdn) + strlen(newrdn) + 3);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:106:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newdn = (char *)malloc(strlen(pdn) + strlen(newrdn) + 3);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:174:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv.bv_len = strlen(newdn);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/modrdn.c:230:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bv->bv_len = strlen(s);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:60:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:69:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:75:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:81:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/src/contrib/back-ldif/monitor.c:90:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    val.bv_len = strlen(buf);
data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c:136:17:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
                usleep(info->write_delay);
data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c:143:17:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
                usleep(info->write_delay);
data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c:150:17:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
                usleep(info->read_delay);
data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c:176:13:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
            usleep(info->read_delay);
data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c:204:13:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
            usleep(info->write_delay);
data/389-ds-base-1.4.4.8/src/libsds/test/benchmark_par.c:232:13:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
            usleep(info->write_delay);
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:204:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (strncasecmp(bval->bv_val, objectsid_string_header, strlen(objectsid_string_header)) == 0)) {
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:265:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            lenb64 = LDIF_SIZE_NEEDED(strlen("encodedb64"), bin_sid.length);
data/389-ds-base-1.4.4.8/src/rewriters/adfilter.c:368:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bval->bv_len = strlen(newval);
data/389-ds-base-1.4.4.8/src/svrcore/src/pk11.c:159:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      store->length = strlen(pin)+1;
data/389-ds-base-1.4.4.8/src/svrcore/src/systemd-ask-pass.c:97:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(saddr.sun_path, *path, 50);
data/389-ds-base-1.4.4.8/src/svrcore/src/systemd-ask-pass.c:262:5:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    umask( S_IWGRP | S_IWOTH );
data/389-ds-base-1.4.4.8/src/svrcore/src/systemd-ask-pass.c:396:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant character.
                strncpy(token, "", PASS_MAX - 1);
data/389-ds-base-1.4.4.8/src/svrcore/src/systemd-ask-pass.c:398:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(token, tbuf + 1, PASS_MAX - 1);

ANALYSIS SUMMARY:

Hits = 3769
Lines analyzed = 441968 in approximately 10.68 seconds (41379 lines/second)
Physical Source Lines of Code (SLOC) = 307945
Hits@level = [0] 1485 [1] 1496 [2] 1652 [3]  50 [4] 556 [5]  15
Hits@level+ = [0+] 5254 [1+] 3769 [2+] 2273 [3+] 621 [4+] 571 [5+]  15
Hits/KSLOC@level+ = [0+] 17.0615 [1+] 12.2392 [2+] 7.38119 [3+] 2.01659 [4+] 1.85423 [5+] 0.04871
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.