Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/abseil-0~20200923.2/CMake/install_test_project/simple.cc Examining data/abseil-0~20200923.2/absl/algorithm/algorithm.h Examining data/abseil-0~20200923.2/absl/algorithm/algorithm_test.cc Examining data/abseil-0~20200923.2/absl/algorithm/container.h Examining data/abseil-0~20200923.2/absl/algorithm/container_test.cc Examining data/abseil-0~20200923.2/absl/algorithm/equal_benchmark.cc Examining data/abseil-0~20200923.2/absl/base/attributes.h Examining data/abseil-0~20200923.2/absl/base/bit_cast_test.cc Examining data/abseil-0~20200923.2/absl/base/call_once.h Examining data/abseil-0~20200923.2/absl/base/call_once_test.cc Examining data/abseil-0~20200923.2/absl/base/casts.h Examining data/abseil-0~20200923.2/absl/base/config.h Examining data/abseil-0~20200923.2/absl/base/config_test.cc Examining data/abseil-0~20200923.2/absl/base/const_init.h Examining data/abseil-0~20200923.2/absl/base/dynamic_annotations.h Examining data/abseil-0~20200923.2/absl/base/exception_safety_testing_test.cc Examining data/abseil-0~20200923.2/absl/base/inline_variable_test.cc Examining data/abseil-0~20200923.2/absl/base/inline_variable_test_a.cc Examining data/abseil-0~20200923.2/absl/base/inline_variable_test_b.cc Examining data/abseil-0~20200923.2/absl/base/internal/atomic_hook.h Examining data/abseil-0~20200923.2/absl/base/internal/atomic_hook_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/atomic_hook_test_helper.cc Examining data/abseil-0~20200923.2/absl/base/internal/atomic_hook_test_helper.h Examining data/abseil-0~20200923.2/absl/base/internal/bits.h Examining data/abseil-0~20200923.2/absl/base/internal/bits_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/cmake_thread_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/cycleclock.cc Examining data/abseil-0~20200923.2/absl/base/internal/cycleclock.h Examining data/abseil-0~20200923.2/absl/base/internal/dynamic_annotations.h Examining data/abseil-0~20200923.2/absl/base/internal/endian.h Examining data/abseil-0~20200923.2/absl/base/internal/endian_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/errno_saver.h Examining data/abseil-0~20200923.2/absl/base/internal/errno_saver_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/exception_safety_testing.cc Examining data/abseil-0~20200923.2/absl/base/internal/exception_safety_testing.h Examining data/abseil-0~20200923.2/absl/base/internal/exception_testing.h Examining data/abseil-0~20200923.2/absl/base/internal/exponential_biased.cc Examining data/abseil-0~20200923.2/absl/base/internal/exponential_biased.h Examining data/abseil-0~20200923.2/absl/base/internal/exponential_biased_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/fast_type_id.h Examining data/abseil-0~20200923.2/absl/base/internal/fast_type_id_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/hide_ptr.h Examining data/abseil-0~20200923.2/absl/base/internal/identity.h Examining data/abseil-0~20200923.2/absl/base/internal/inline_variable.h Examining data/abseil-0~20200923.2/absl/base/internal/inline_variable_testing.h Examining data/abseil-0~20200923.2/absl/base/internal/invoke.h Examining data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc Examining data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.h Examining data/abseil-0~20200923.2/absl/base/internal/low_level_alloc_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/low_level_scheduling.h Examining data/abseil-0~20200923.2/absl/base/internal/per_thread_tls.h Examining data/abseil-0~20200923.2/absl/base/internal/periodic_sampler.cc Examining data/abseil-0~20200923.2/absl/base/internal/periodic_sampler.h Examining data/abseil-0~20200923.2/absl/base/internal/periodic_sampler_benchmark.cc Examining data/abseil-0~20200923.2/absl/base/internal/periodic_sampler_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/pretty_function.h Examining data/abseil-0~20200923.2/absl/base/internal/raw_logging.cc Examining data/abseil-0~20200923.2/absl/base/internal/raw_logging.h Examining data/abseil-0~20200923.2/absl/base/internal/scheduling_mode.h Examining data/abseil-0~20200923.2/absl/base/internal/scoped_set_env.cc Examining data/abseil-0~20200923.2/absl/base/internal/scoped_set_env.h Examining data/abseil-0~20200923.2/absl/base/internal/scoped_set_env_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/spinlock.cc Examining data/abseil-0~20200923.2/absl/base/internal/spinlock.h Examining data/abseil-0~20200923.2/absl/base/internal/spinlock_benchmark.cc Examining data/abseil-0~20200923.2/absl/base/internal/spinlock_wait.cc Examining data/abseil-0~20200923.2/absl/base/internal/spinlock_wait.h Examining data/abseil-0~20200923.2/absl/base/internal/strerror.cc Examining data/abseil-0~20200923.2/absl/base/internal/strerror.h Examining data/abseil-0~20200923.2/absl/base/internal/strerror_benchmark.cc Examining data/abseil-0~20200923.2/absl/base/internal/strerror_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/sysinfo.cc Examining data/abseil-0~20200923.2/absl/base/internal/sysinfo.h Examining data/abseil-0~20200923.2/absl/base/internal/sysinfo_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/thread_annotations.h Examining data/abseil-0~20200923.2/absl/base/internal/thread_identity.cc Examining data/abseil-0~20200923.2/absl/base/internal/thread_identity.h Examining data/abseil-0~20200923.2/absl/base/internal/thread_identity_benchmark.cc Examining data/abseil-0~20200923.2/absl/base/internal/thread_identity_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/throw_delegate.cc Examining data/abseil-0~20200923.2/absl/base/internal/throw_delegate.h Examining data/abseil-0~20200923.2/absl/base/internal/tsan_mutex_interface.h Examining data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h Examining data/abseil-0~20200923.2/absl/base/internal/unique_small_name_test.cc Examining data/abseil-0~20200923.2/absl/base/internal/unscaledcycleclock.cc Examining data/abseil-0~20200923.2/absl/base/internal/unscaledcycleclock.h Examining data/abseil-0~20200923.2/absl/base/internal/direct_mmap.h Examining data/abseil-0~20200923.2/absl/base/invoke_test.cc Examining data/abseil-0~20200923.2/absl/base/log_severity.cc Examining data/abseil-0~20200923.2/absl/base/log_severity.h Examining data/abseil-0~20200923.2/absl/base/log_severity_test.cc Examining data/abseil-0~20200923.2/absl/base/macros.h Examining data/abseil-0~20200923.2/absl/base/optimization.h Examining data/abseil-0~20200923.2/absl/base/optimization_test.cc Examining data/abseil-0~20200923.2/absl/base/policy_checks.h Examining data/abseil-0~20200923.2/absl/base/port.h Examining data/abseil-0~20200923.2/absl/base/raw_logging_test.cc Examining data/abseil-0~20200923.2/absl/base/spinlock_test_common.cc Examining data/abseil-0~20200923.2/absl/base/thread_annotations.h Examining data/abseil-0~20200923.2/absl/base/throw_delegate_test.cc Examining data/abseil-0~20200923.2/absl/base/options.h Examining data/abseil-0~20200923.2/absl/container/btree_benchmark.cc Examining data/abseil-0~20200923.2/absl/container/btree_map.h Examining data/abseil-0~20200923.2/absl/container/btree_set.h Examining data/abseil-0~20200923.2/absl/container/btree_test.cc Examining data/abseil-0~20200923.2/absl/container/btree_test.h Examining data/abseil-0~20200923.2/absl/container/fixed_array.h Examining data/abseil-0~20200923.2/absl/container/fixed_array_benchmark.cc Examining data/abseil-0~20200923.2/absl/container/fixed_array_exception_safety_test.cc Examining data/abseil-0~20200923.2/absl/container/fixed_array_test.cc Examining data/abseil-0~20200923.2/absl/container/flat_hash_map.h Examining data/abseil-0~20200923.2/absl/container/flat_hash_map_test.cc Examining data/abseil-0~20200923.2/absl/container/flat_hash_set.h Examining data/abseil-0~20200923.2/absl/container/flat_hash_set_test.cc Examining data/abseil-0~20200923.2/absl/container/inlined_vector.h Examining data/abseil-0~20200923.2/absl/container/inlined_vector_benchmark.cc Examining data/abseil-0~20200923.2/absl/container/inlined_vector_exception_safety_test.cc Examining data/abseil-0~20200923.2/absl/container/inlined_vector_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/btree.h Examining data/abseil-0~20200923.2/absl/container/internal/btree_container.h Examining data/abseil-0~20200923.2/absl/container/internal/common.h Examining data/abseil-0~20200923.2/absl/container/internal/compressed_tuple.h Examining data/abseil-0~20200923.2/absl/container/internal/compressed_tuple_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/container_memory.h Examining data/abseil-0~20200923.2/absl/container/internal/container_memory_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/counting_allocator.h Examining data/abseil-0~20200923.2/absl/container/internal/hash_function_defaults.h Examining data/abseil-0~20200923.2/absl/container/internal/hash_function_defaults_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/hash_generator_testing.cc Examining data/abseil-0~20200923.2/absl/container/internal/hash_generator_testing.h Examining data/abseil-0~20200923.2/absl/container/internal/hash_policy_testing.h Examining data/abseil-0~20200923.2/absl/container/internal/hash_policy_testing_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/hash_policy_traits.h Examining data/abseil-0~20200923.2/absl/container/internal/hash_policy_traits_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/hashtable_debug.h Examining data/abseil-0~20200923.2/absl/container/internal/hashtable_debug_hooks.h Examining data/abseil-0~20200923.2/absl/container/internal/hashtablez_sampler.cc Examining data/abseil-0~20200923.2/absl/container/internal/hashtablez_sampler.h Examining data/abseil-0~20200923.2/absl/container/internal/hashtablez_sampler_force_weak_definition.cc Examining data/abseil-0~20200923.2/absl/container/internal/hashtablez_sampler_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/inlined_vector.h Examining data/abseil-0~20200923.2/absl/container/internal/layout.h Examining data/abseil-0~20200923.2/absl/container/internal/layout_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/node_hash_policy.h Examining data/abseil-0~20200923.2/absl/container/internal/node_hash_policy_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/raw_hash_map.h Examining data/abseil-0~20200923.2/absl/container/internal/raw_hash_set.cc Examining data/abseil-0~20200923.2/absl/container/internal/raw_hash_set.h Examining data/abseil-0~20200923.2/absl/container/internal/raw_hash_set_allocator_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/raw_hash_set_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/test_instance_tracker.cc Examining data/abseil-0~20200923.2/absl/container/internal/test_instance_tracker.h Examining data/abseil-0~20200923.2/absl/container/internal/test_instance_tracker_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/tracked.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_map_lookup_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_map_members_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_map_modifiers_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_map_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_set_lookup_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_set_members_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_set_modifiers_test.h Examining data/abseil-0~20200923.2/absl/container/internal/unordered_set_test.cc Examining data/abseil-0~20200923.2/absl/container/internal/have_sse.h Examining data/abseil-0~20200923.2/absl/container/node_hash_map.h Examining data/abseil-0~20200923.2/absl/container/node_hash_map_test.cc Examining data/abseil-0~20200923.2/absl/container/node_hash_set.h Examining data/abseil-0~20200923.2/absl/container/node_hash_set_test.cc Examining data/abseil-0~20200923.2/absl/debugging/failure_signal_handler.cc Examining data/abseil-0~20200923.2/absl/debugging/failure_signal_handler.h Examining data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/address_is_readable.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/address_is_readable.h Examining data/abseil-0~20200923.2/absl/debugging/internal/demangle.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/demangle.h Examining data/abseil-0~20200923.2/absl/debugging/internal/demangle_test.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/elf_mem_image.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/elf_mem_image.h Examining data/abseil-0~20200923.2/absl/debugging/internal/examine_stack.h Examining data/abseil-0~20200923.2/absl/debugging/internal/stack_consumption.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/stack_consumption.h Examining data/abseil-0~20200923.2/absl/debugging/internal/stack_consumption_test.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/stacktrace_config.h Examining data/abseil-0~20200923.2/absl/debugging/internal/symbolize.h Examining data/abseil-0~20200923.2/absl/debugging/internal/vdso_support.cc Examining data/abseil-0~20200923.2/absl/debugging/internal/vdso_support.h Examining data/abseil-0~20200923.2/absl/debugging/internal/examine_stack.cc Examining data/abseil-0~20200923.2/absl/debugging/leak_check.cc Examining data/abseil-0~20200923.2/absl/debugging/leak_check.h Examining data/abseil-0~20200923.2/absl/debugging/leak_check_disable.cc Examining data/abseil-0~20200923.2/absl/debugging/leak_check_fail_test.cc Examining data/abseil-0~20200923.2/absl/debugging/leak_check_test.cc Examining data/abseil-0~20200923.2/absl/debugging/stacktrace.cc Examining data/abseil-0~20200923.2/absl/debugging/stacktrace.h Examining data/abseil-0~20200923.2/absl/debugging/symbolize.cc Examining data/abseil-0~20200923.2/absl/debugging/symbolize.h Examining data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc Examining data/abseil-0~20200923.2/absl/flags/commandlineflag.cc Examining data/abseil-0~20200923.2/absl/flags/commandlineflag.h Examining data/abseil-0~20200923.2/absl/flags/commandlineflag_test.cc Examining data/abseil-0~20200923.2/absl/flags/config.h Examining data/abseil-0~20200923.2/absl/flags/config_test.cc Examining data/abseil-0~20200923.2/absl/flags/declare.h Examining data/abseil-0~20200923.2/absl/flags/flag.cc Examining data/abseil-0~20200923.2/absl/flags/flag.h Examining data/abseil-0~20200923.2/absl/flags/flag_benchmark.cc Examining data/abseil-0~20200923.2/absl/flags/flag_test.cc Examining data/abseil-0~20200923.2/absl/flags/flag_test_defs.cc Examining data/abseil-0~20200923.2/absl/flags/internal/commandlineflag.cc Examining data/abseil-0~20200923.2/absl/flags/internal/commandlineflag.h Examining data/abseil-0~20200923.2/absl/flags/internal/flag.cc Examining data/abseil-0~20200923.2/absl/flags/internal/flag.h Examining data/abseil-0~20200923.2/absl/flags/internal/parse.h Examining data/abseil-0~20200923.2/absl/flags/internal/path_util.h Examining data/abseil-0~20200923.2/absl/flags/internal/path_util_test.cc Examining data/abseil-0~20200923.2/absl/flags/internal/private_handle_accessor.cc Examining data/abseil-0~20200923.2/absl/flags/internal/private_handle_accessor.h Examining data/abseil-0~20200923.2/absl/flags/internal/program_name.cc Examining data/abseil-0~20200923.2/absl/flags/internal/program_name.h Examining data/abseil-0~20200923.2/absl/flags/internal/program_name_test.cc Examining data/abseil-0~20200923.2/absl/flags/internal/registry.h Examining data/abseil-0~20200923.2/absl/flags/internal/usage.cc Examining data/abseil-0~20200923.2/absl/flags/internal/usage.h Examining data/abseil-0~20200923.2/absl/flags/internal/usage_test.cc Examining data/abseil-0~20200923.2/absl/flags/marshalling.cc Examining data/abseil-0~20200923.2/absl/flags/marshalling.h Examining data/abseil-0~20200923.2/absl/flags/marshalling_test.cc Examining data/abseil-0~20200923.2/absl/flags/parse.cc Examining data/abseil-0~20200923.2/absl/flags/parse.h Examining data/abseil-0~20200923.2/absl/flags/parse_test.cc Examining data/abseil-0~20200923.2/absl/flags/reflection.cc Examining data/abseil-0~20200923.2/absl/flags/reflection.h Examining data/abseil-0~20200923.2/absl/flags/reflection_test.cc Examining data/abseil-0~20200923.2/absl/flags/usage.cc Examining data/abseil-0~20200923.2/absl/flags/usage.h Examining data/abseil-0~20200923.2/absl/flags/usage_config.cc Examining data/abseil-0~20200923.2/absl/flags/usage_config.h Examining data/abseil-0~20200923.2/absl/flags/usage_config_test.cc Examining data/abseil-0~20200923.2/absl/functional/bind_front.h Examining data/abseil-0~20200923.2/absl/functional/bind_front_test.cc Examining data/abseil-0~20200923.2/absl/functional/function_ref.h Examining data/abseil-0~20200923.2/absl/functional/function_ref_benchmark.cc Examining data/abseil-0~20200923.2/absl/functional/function_ref_test.cc Examining data/abseil-0~20200923.2/absl/functional/internal/front_binder.h Examining data/abseil-0~20200923.2/absl/functional/internal/function_ref.h Examining data/abseil-0~20200923.2/absl/hash/hash.h Examining data/abseil-0~20200923.2/absl/hash/hash_test.cc Examining data/abseil-0~20200923.2/absl/hash/hash_testing.h Examining data/abseil-0~20200923.2/absl/hash/internal/city.cc Examining data/abseil-0~20200923.2/absl/hash/internal/city.h Examining data/abseil-0~20200923.2/absl/hash/internal/city_test.cc Examining data/abseil-0~20200923.2/absl/hash/internal/hash.cc Examining data/abseil-0~20200923.2/absl/hash/internal/hash.h Examining data/abseil-0~20200923.2/absl/hash/internal/print_hash_of.cc Examining data/abseil-0~20200923.2/absl/hash/internal/spy_hash_state.h Examining data/abseil-0~20200923.2/absl/memory/memory.h Examining data/abseil-0~20200923.2/absl/memory/memory_exception_safety_test.cc Examining data/abseil-0~20200923.2/absl/memory/memory_test.cc Examining data/abseil-0~20200923.2/absl/meta/type_traits.h Examining data/abseil-0~20200923.2/absl/meta/type_traits_test.cc Examining data/abseil-0~20200923.2/absl/numeric/int128.cc Examining data/abseil-0~20200923.2/absl/numeric/int128.h Examining data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc Examining data/abseil-0~20200923.2/absl/numeric/int128_stream_test.cc Examining data/abseil-0~20200923.2/absl/numeric/int128_test.cc Examining data/abseil-0~20200923.2/absl/random/benchmarks.cc Examining data/abseil-0~20200923.2/absl/random/bernoulli_distribution.h Examining data/abseil-0~20200923.2/absl/random/bernoulli_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/beta_distribution.h Examining data/abseil-0~20200923.2/absl/random/beta_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/bit_gen_ref.h Examining data/abseil-0~20200923.2/absl/random/bit_gen_ref_test.cc Examining data/abseil-0~20200923.2/absl/random/discrete_distribution.cc Examining data/abseil-0~20200923.2/absl/random/discrete_distribution.h Examining data/abseil-0~20200923.2/absl/random/discrete_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/distributions.h Examining data/abseil-0~20200923.2/absl/random/distributions_test.cc Examining data/abseil-0~20200923.2/absl/random/examples_test.cc Examining data/abseil-0~20200923.2/absl/random/exponential_distribution.h Examining data/abseil-0~20200923.2/absl/random/exponential_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/gaussian_distribution.cc Examining data/abseil-0~20200923.2/absl/random/gaussian_distribution.h Examining data/abseil-0~20200923.2/absl/random/gaussian_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/generators_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/chi_square.cc Examining data/abseil-0~20200923.2/absl/random/internal/chi_square.h Examining data/abseil-0~20200923.2/absl/random/internal/chi_square_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/distribution_caller.h Examining data/abseil-0~20200923.2/absl/random/internal/distribution_test_util.cc Examining data/abseil-0~20200923.2/absl/random/internal/distribution_test_util.h Examining data/abseil-0~20200923.2/absl/random/internal/distribution_test_util_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/explicit_seed_seq.h Examining data/abseil-0~20200923.2/absl/random/internal/explicit_seed_seq_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/fast_uniform_bits.h Examining data/abseil-0~20200923.2/absl/random/internal/fast_uniform_bits_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/fastmath.h Examining data/abseil-0~20200923.2/absl/random/internal/fastmath_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/gaussian_distribution_gentables.cc Examining data/abseil-0~20200923.2/absl/random/internal/generate_real.h Examining data/abseil-0~20200923.2/absl/random/internal/generate_real_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/iostream_state_saver.h Examining data/abseil-0~20200923.2/absl/random/internal/iostream_state_saver_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/mock_helpers.h Examining data/abseil-0~20200923.2/absl/random/internal/mock_overload_set.h Examining data/abseil-0~20200923.2/absl/random/internal/nanobenchmark.cc Examining data/abseil-0~20200923.2/absl/random/internal/nanobenchmark.h Examining data/abseil-0~20200923.2/absl/random/internal/nanobenchmark_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/nonsecure_base.h Examining data/abseil-0~20200923.2/absl/random/internal/nonsecure_base_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/pcg_engine.h Examining data/abseil-0~20200923.2/absl/random/internal/pcg_engine_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/platform.h Examining data/abseil-0~20200923.2/absl/random/internal/pool_urbg.cc Examining data/abseil-0~20200923.2/absl/random/internal/pool_urbg.h Examining data/abseil-0~20200923.2/absl/random/internal/pool_urbg_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen.h Examining data/abseil-0~20200923.2/absl/random/internal/randen_benchmarks.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_detect.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_detect.h Examining data/abseil-0~20200923.2/absl/random/internal/randen_engine.h Examining data/abseil-0~20200923.2/absl/random/internal/randen_engine_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_hwaes.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_hwaes.h Examining data/abseil-0~20200923.2/absl/random/internal/randen_hwaes_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_round_keys.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_slow.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_slow.h Examining data/abseil-0~20200923.2/absl/random/internal/randen_slow_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/randen_traits.h Examining data/abseil-0~20200923.2/absl/random/internal/salted_seed_seq.h Examining data/abseil-0~20200923.2/absl/random/internal/salted_seed_seq_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/seed_material.cc Examining data/abseil-0~20200923.2/absl/random/internal/seed_material.h Examining data/abseil-0~20200923.2/absl/random/internal/seed_material_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/sequence_urbg.h Examining data/abseil-0~20200923.2/absl/random/internal/traits.h Examining data/abseil-0~20200923.2/absl/random/internal/traits_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/uniform_helper.h Examining data/abseil-0~20200923.2/absl/random/internal/uniform_helper_test.cc Examining data/abseil-0~20200923.2/absl/random/internal/wide_multiply.h Examining data/abseil-0~20200923.2/absl/random/internal/wide_multiply_test.cc Examining data/abseil-0~20200923.2/absl/random/log_uniform_int_distribution.h Examining data/abseil-0~20200923.2/absl/random/log_uniform_int_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/mock_distributions.h Examining data/abseil-0~20200923.2/absl/random/mock_distributions_test.cc Examining data/abseil-0~20200923.2/absl/random/mocking_bit_gen.h Examining data/abseil-0~20200923.2/absl/random/mocking_bit_gen_test.cc Examining data/abseil-0~20200923.2/absl/random/poisson_distribution.h Examining data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/random.h Examining data/abseil-0~20200923.2/absl/random/seed_gen_exception.cc Examining data/abseil-0~20200923.2/absl/random/seed_gen_exception.h Examining data/abseil-0~20200923.2/absl/random/seed_sequences.cc Examining data/abseil-0~20200923.2/absl/random/seed_sequences.h Examining data/abseil-0~20200923.2/absl/random/seed_sequences_test.cc Examining data/abseil-0~20200923.2/absl/random/uniform_int_distribution.h Examining data/abseil-0~20200923.2/absl/random/uniform_int_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/uniform_real_distribution.h Examining data/abseil-0~20200923.2/absl/random/uniform_real_distribution_test.cc Examining data/abseil-0~20200923.2/absl/random/zipf_distribution.h Examining data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc Examining data/abseil-0~20200923.2/absl/status/internal/status_internal.h Examining data/abseil-0~20200923.2/absl/status/internal/statusor_internal.h Examining data/abseil-0~20200923.2/absl/status/status.cc Examining data/abseil-0~20200923.2/absl/status/status.h Examining data/abseil-0~20200923.2/absl/status/status_payload_printer.cc Examining data/abseil-0~20200923.2/absl/status/status_payload_printer.h Examining data/abseil-0~20200923.2/absl/status/status_test.cc Examining data/abseil-0~20200923.2/absl/status/statusor.cc Examining data/abseil-0~20200923.2/absl/status/statusor.h Examining data/abseil-0~20200923.2/absl/status/statusor_test.cc Examining data/abseil-0~20200923.2/absl/strings/ascii.cc Examining data/abseil-0~20200923.2/absl/strings/ascii.h Examining data/abseil-0~20200923.2/absl/strings/ascii_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/ascii_test.cc Examining data/abseil-0~20200923.2/absl/strings/charconv.cc Examining data/abseil-0~20200923.2/absl/strings/charconv.h Examining data/abseil-0~20200923.2/absl/strings/charconv_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/charconv_test.cc Examining data/abseil-0~20200923.2/absl/strings/cord.cc Examining data/abseil-0~20200923.2/absl/strings/cord.h Examining data/abseil-0~20200923.2/absl/strings/cord_test.cc Examining data/abseil-0~20200923.2/absl/strings/cord_test_helpers.h Examining data/abseil-0~20200923.2/absl/strings/escaping.cc Examining data/abseil-0~20200923.2/absl/strings/escaping.h Examining data/abseil-0~20200923.2/absl/strings/escaping_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/escaping_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/char_map.h Examining data/abseil-0~20200923.2/absl/strings/internal/char_map_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/internal/char_map_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/charconv_bigint.cc Examining data/abseil-0~20200923.2/absl/strings/internal/charconv_bigint.h Examining data/abseil-0~20200923.2/absl/strings/internal/charconv_bigint_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/charconv_parse.cc Examining data/abseil-0~20200923.2/absl/strings/internal/charconv_parse.h Examining data/abseil-0~20200923.2/absl/strings/internal/charconv_parse_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/cord_internal.h Examining data/abseil-0~20200923.2/absl/strings/internal/escaping.cc Examining data/abseil-0~20200923.2/absl/strings/internal/escaping.h Examining data/abseil-0~20200923.2/absl/strings/internal/escaping_test_common.h Examining data/abseil-0~20200923.2/absl/strings/internal/memutil.cc Examining data/abseil-0~20200923.2/absl/strings/internal/memutil.h Examining data/abseil-0~20200923.2/absl/strings/internal/memutil_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/internal/memutil_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/numbers_test_common.h Examining data/abseil-0~20200923.2/absl/strings/internal/ostringstream.cc Examining data/abseil-0~20200923.2/absl/strings/internal/ostringstream.h Examining data/abseil-0~20200923.2/absl/strings/internal/ostringstream_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/internal/ostringstream_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/pow10_helper.cc Examining data/abseil-0~20200923.2/absl/strings/internal/pow10_helper.h Examining data/abseil-0~20200923.2/absl/strings/internal/pow10_helper_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/resize_uninitialized.h Examining data/abseil-0~20200923.2/absl/strings/internal/resize_uninitialized_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/stl_type_traits.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/arg_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/bind.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/bind.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/bind_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/checker.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/checker_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/convert_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/extension.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/extension.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/extension_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/output.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/output.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/output_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/parser.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/parser.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_format/parser_test.cc Examining data/abseil-0~20200923.2/absl/strings/internal/str_join_internal.h Examining data/abseil-0~20200923.2/absl/strings/internal/str_split_internal.h Examining data/abseil-0~20200923.2/absl/strings/internal/utf8.cc Examining data/abseil-0~20200923.2/absl/strings/internal/utf8.h Examining data/abseil-0~20200923.2/absl/strings/internal/utf8_test.cc Examining data/abseil-0~20200923.2/absl/strings/match.cc Examining data/abseil-0~20200923.2/absl/strings/match.h Examining data/abseil-0~20200923.2/absl/strings/match_test.cc Examining data/abseil-0~20200923.2/absl/strings/numbers.cc Examining data/abseil-0~20200923.2/absl/strings/numbers.h Examining data/abseil-0~20200923.2/absl/strings/numbers_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/numbers_test.cc Examining data/abseil-0~20200923.2/absl/strings/str_cat.cc Examining data/abseil-0~20200923.2/absl/strings/str_cat.h Examining data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/str_cat_test.cc Examining data/abseil-0~20200923.2/absl/strings/str_format.h Examining data/abseil-0~20200923.2/absl/strings/str_format_test.cc Examining data/abseil-0~20200923.2/absl/strings/str_join.h Examining data/abseil-0~20200923.2/absl/strings/str_join_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/str_join_test.cc Examining data/abseil-0~20200923.2/absl/strings/str_replace.cc Examining data/abseil-0~20200923.2/absl/strings/str_replace.h Examining data/abseil-0~20200923.2/absl/strings/str_replace_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/str_replace_test.cc Examining data/abseil-0~20200923.2/absl/strings/str_split.cc Examining data/abseil-0~20200923.2/absl/strings/str_split.h Examining data/abseil-0~20200923.2/absl/strings/str_split_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/str_split_test.cc Examining data/abseil-0~20200923.2/absl/strings/string_view.cc Examining data/abseil-0~20200923.2/absl/strings/string_view.h Examining data/abseil-0~20200923.2/absl/strings/string_view_benchmark.cc Examining data/abseil-0~20200923.2/absl/strings/string_view_test.cc Examining data/abseil-0~20200923.2/absl/strings/strip.h Examining data/abseil-0~20200923.2/absl/strings/strip_test.cc Examining data/abseil-0~20200923.2/absl/strings/substitute.cc Examining data/abseil-0~20200923.2/absl/strings/substitute.h Examining data/abseil-0~20200923.2/absl/strings/substitute_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/barrier.cc Examining data/abseil-0~20200923.2/absl/synchronization/barrier.h Examining data/abseil-0~20200923.2/absl/synchronization/barrier_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/blocking_counter.cc Examining data/abseil-0~20200923.2/absl/synchronization/blocking_counter.h Examining data/abseil-0~20200923.2/absl/synchronization/blocking_counter_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/create_thread_identity.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/create_thread_identity.h Examining data/abseil-0~20200923.2/absl/synchronization/internal/graphcycles.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/graphcycles.h Examining data/abseil-0~20200923.2/absl/synchronization/internal/graphcycles_benchmark.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/graphcycles_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/kernel_timeout.h Examining data/abseil-0~20200923.2/absl/synchronization/internal/mutex_nonprod.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/per_thread_sem.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/per_thread_sem.h Examining data/abseil-0~20200923.2/absl/synchronization/internal/per_thread_sem_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/thread_pool.h Examining data/abseil-0~20200923.2/absl/synchronization/internal/waiter.cc Examining data/abseil-0~20200923.2/absl/synchronization/internal/waiter.h Examining data/abseil-0~20200923.2/absl/synchronization/lifetime_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/mutex.cc Examining data/abseil-0~20200923.2/absl/synchronization/mutex.h Examining data/abseil-0~20200923.2/absl/synchronization/mutex_benchmark.cc Examining data/abseil-0~20200923.2/absl/synchronization/mutex_test.cc Examining data/abseil-0~20200923.2/absl/synchronization/notification.cc Examining data/abseil-0~20200923.2/absl/synchronization/notification.h Examining data/abseil-0~20200923.2/absl/synchronization/notification_test.cc Examining data/abseil-0~20200923.2/absl/time/civil_time.cc Examining data/abseil-0~20200923.2/absl/time/civil_time.h Examining data/abseil-0~20200923.2/absl/time/civil_time_benchmark.cc Examining data/abseil-0~20200923.2/absl/time/civil_time_test.cc Examining data/abseil-0~20200923.2/absl/time/clock.cc Examining data/abseil-0~20200923.2/absl/time/clock.h Examining data/abseil-0~20200923.2/absl/time/clock_benchmark.cc Examining data/abseil-0~20200923.2/absl/time/clock_test.cc Examining data/abseil-0~20200923.2/absl/time/duration.cc Examining data/abseil-0~20200923.2/absl/time/duration_benchmark.cc Examining data/abseil-0~20200923.2/absl/time/duration_test.cc Examining data/abseil-0~20200923.2/absl/time/format.cc Examining data/abseil-0~20200923.2/absl/time/format_benchmark.cc Examining data/abseil-0~20200923.2/absl/time/format_test.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/include/cctz/civil_time.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/include/cctz/civil_time_detail.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/include/cctz/time_zone.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/include/cctz/zone_info_source.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/cctz_benchmark.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/civil_time_detail.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/civil_time_test.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_fixed.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_fixed.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_format.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_format_test.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_if.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_if.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_impl.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_impl.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_info.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_info.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_libc.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_libc.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_lookup.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_lookup_test.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_posix.cc Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_posix.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h Examining data/abseil-0~20200923.2/absl/time/internal/cctz/src/zone_info_source.cc Examining data/abseil-0~20200923.2/absl/time/internal/test_util.cc Examining data/abseil-0~20200923.2/absl/time/internal/test_util.h Examining data/abseil-0~20200923.2/absl/time/time.cc Examining data/abseil-0~20200923.2/absl/time/time.h Examining data/abseil-0~20200923.2/absl/time/time_benchmark.cc Examining data/abseil-0~20200923.2/absl/time/time_test.cc Examining data/abseil-0~20200923.2/absl/time/time_zone_test.cc Examining data/abseil-0~20200923.2/absl/types/any.h Examining data/abseil-0~20200923.2/absl/types/any_exception_safety_test.cc Examining data/abseil-0~20200923.2/absl/types/any_test.cc Examining data/abseil-0~20200923.2/absl/types/bad_any_cast.cc Examining data/abseil-0~20200923.2/absl/types/bad_any_cast.h Examining data/abseil-0~20200923.2/absl/types/bad_optional_access.cc Examining data/abseil-0~20200923.2/absl/types/bad_optional_access.h Examining data/abseil-0~20200923.2/absl/types/bad_variant_access.cc Examining data/abseil-0~20200923.2/absl/types/bad_variant_access.h Examining data/abseil-0~20200923.2/absl/types/compare.h Examining data/abseil-0~20200923.2/absl/types/compare_test.cc Examining data/abseil-0~20200923.2/absl/types/internal/conformance_aliases.h Examining data/abseil-0~20200923.2/absl/types/internal/conformance_archetype.h Examining data/abseil-0~20200923.2/absl/types/internal/conformance_profile.h Examining data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h Examining data/abseil-0~20200923.2/absl/types/internal/conformance_testing_helpers.h Examining data/abseil-0~20200923.2/absl/types/internal/conformance_testing_test.cc Examining data/abseil-0~20200923.2/absl/types/internal/optional.h Examining data/abseil-0~20200923.2/absl/types/internal/parentheses.h Examining data/abseil-0~20200923.2/absl/types/internal/span.h Examining data/abseil-0~20200923.2/absl/types/internal/transform_args.h Examining data/abseil-0~20200923.2/absl/types/internal/variant.h Examining data/abseil-0~20200923.2/absl/types/optional.h Examining data/abseil-0~20200923.2/absl/types/optional_exception_safety_test.cc Examining data/abseil-0~20200923.2/absl/types/optional_test.cc Examining data/abseil-0~20200923.2/absl/types/span.h Examining data/abseil-0~20200923.2/absl/types/span_test.cc Examining data/abseil-0~20200923.2/absl/types/variant.h Examining data/abseil-0~20200923.2/absl/types/variant_benchmark.cc Examining data/abseil-0~20200923.2/absl/types/variant_exception_safety_test.cc Examining data/abseil-0~20200923.2/absl/types/variant_test.cc Examining data/abseil-0~20200923.2/absl/utility/utility.h Examining data/abseil-0~20200923.2/absl/utility/utility_test.cc Examining data/abseil-0~20200923.2/ci/absl_alternate_options.h FINAL RESULTS: data/abseil-0~20200923.2/absl/base/internal/exception_safety_testing.h:587:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("ThrowingValue<", data/abseil-0~20200923.2/absl/base/internal/exception_safety_testing.h:749:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("ThrowingAllocator<", data/abseil-0~20200923.2/absl/base/internal/exponential_biased_test.cc:34:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(std::string(negation ? "isn't" : "is"), " between ", a, data/abseil-0~20200923.2/absl/base/internal/raw_logging.cc:92:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int n = vsnprintf(*buf, *size, format, ap); data/abseil-0~20200923.2/absl/base/internal/raw_logging.cc:123:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int n = vsnprintf(*buf, *size, format, ap); data/abseil-0~20200923.2/absl/base/invoke_test.cc:59:12: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return StrCat("&", args...); data/abseil-0~20200923.2/absl/base/invoke_test.cc:63:12: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return StrCat("const&", args...); data/abseil-0~20200923.2/absl/base/invoke_test.cc:67:12: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return StrCat("&&", args...); data/abseil-0~20200923.2/absl/base/log_severity_test.cc:65:38: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). const std::string to_parse = absl::StrCat(GetParam()); data/abseil-0~20200923.2/absl/base/log_severity_test.cc:78:38: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). const std::string to_parse = absl::StrCat(GetParam()); data/abseil-0~20200923.2/absl/base/log_severity_test.cc:195:38: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). const std::string expected = absl::StrCat(GetParam()); data/abseil-0~20200923.2/absl/base/raw_logging_test.cc:66:33: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat("Internal log ", 3, " + ", d)); data/abseil-0~20200923.2/absl/container/btree_test.cc:867:22: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return a < absl::StrCat(b); data/abseil-0~20200923.2/absl/container/btree_test.cc:870:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat(a) < b; data/abseil-0~20200923.2/absl/container/btree_test.cc:1035:32: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ASSERT_TRUE(s.insert(absl::StrCat(i).c_str()).second); data/abseil-0~20200923.2/absl/container/inlined_vector_benchmark.cc:248:24: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). state.SetLabel(absl::StrCat("sz=", size)); data/abseil-0~20200923.2/absl/container/internal/layout.h:651:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string res = absl::StrCat("@0", types[0], "(", sizes[0], ")"); data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:50:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string exit_regex = absl::StrCat( data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:100:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string file = absl::StrCat(tmp_dir, "/signo_", signo); data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:102:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string exit_regex = absl::StrCat( data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:121:24: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). StartsWith(absl::StrCat( data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:142:20: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(info.param); data/abseil-0~20200923.2/absl/flags/commandlineflag_test.cc:34:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("string_flag", " help")); data/abseil-0~20200923.2/absl/flags/flag_test.cc:473:16: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat(ntc.value); data/abseil-0~20200923.2/absl/flags/flag_test.cc:593:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("AAA", "BBB"), "test string flag non const default"); data/abseil-0~20200923.2/absl/flags/flag_test.cc:608:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("test ", "flag ", "non const help")); data/abseil-0~20200923.2/absl/flags/flag_test.cc:677:16: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat(f.a, ":", f.b); data/abseil-0~20200923.2/absl/flags/flag_test.cc:745:16: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat(val.a); data/abseil-0~20200923.2/absl/flags/flag_test.cc:784:16: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat(ndc.value); data/abseil-0~20200923.2/absl/flags/flag_test.cc:813:56: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_RETIRED_FLAG(std::string, old_str_flag, "", absl::StrCat("old ", "descr")); data/abseil-0~20200923.2/absl/flags/internal/flag.cc:112:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Restore saved value of ", flag_impl_.Name(), data/abseil-0~20200923.2/absl/flags/internal/flag.cc:209:20: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). FATAL, absl::StrCat("Flag '", Name(), data/abseil-0~20200923.2/absl/flags/internal/flag.cc:424:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). err = absl::StrCat("Illegal value '", value, "' specified for flag '", data/abseil-0~20200923.2/absl/flags/internal/flag.cc:464:38: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(ERROR, absl::StrCat("Attempt to set flag '", Name(), data/abseil-0~20200923.2/absl/flags/internal/flag.cc:549:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Flag ", Name(), " (from ", Filename(), data/abseil-0~20200923.2/absl/flags/internal/usage.cc:191:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). printer.Write(absl::StrCat("--", flag.Name())); data/abseil-0~20200923.2/absl/flags/internal/usage.cc:194:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). printer.Write(absl::StrCat("(", flag.Help(), ");"), /*wrap_line=*/true); data/abseil-0~20200923.2/absl/flags/internal/usage.cc:205:22: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). dflt_val = absl::StrCat("\"", dflt_val, "\""); data/abseil-0~20200923.2/absl/flags/internal/usage.cc:207:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). printer.Write(absl::StrCat("default: ", dflt_val, ";")); data/abseil-0~20200923.2/absl/flags/internal/usage.cc:211:24: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). curr_val = absl::StrCat("\"", curr_val, "\""); data/abseil-0~20200923.2/absl/flags/internal/usage.cc:213:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). printer.Write(absl::StrCat("currently: ", curr_val, ";")); data/abseil-0~20200923.2/absl/flags/internal/usage.cc:343:20: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). out, absl::StrCat("/", absl::GetFlag(FLAGS_helpon), "."), data/abseil-0~20200923.2/absl/flags/marshalling.cc:166:45: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(short v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:167:54: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(unsigned short v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:168:43: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(int v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:169:52: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(unsigned int v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:170:44: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(long v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:171:53: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(unsigned long v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:172:49: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(long long v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/marshalling.cc:173:58: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string Unparse(unsigned long long v) { return absl::StrCat(v); } data/abseil-0~20200923.2/absl/flags/parse.cc:177:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Can't open flagfile ", flag_file_name), true); data/abseil-0~20200923.2/absl/flags/parse.cc:211:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Unexpected line in the flagfile ", flag_file_name, ": ", data/abseil-0~20200923.2/absl/flags/parse.cc:367:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Infinite recursion on flag ", flag_name), true); data/abseil-0~20200923.2/absl/flags/parse.cc:373:39: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). const std::string envname = absl::StrCat("FLAGS_", flag_name); data/abseil-0~20200923.2/absl/flags/parse.cc:378:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(envname, " not found in environment"), true); data/abseil-0~20200923.2/absl/flags/parse.cc:386:26: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). args.push_back(absl::StrCat("--", flag_name, "=", envval)); data/abseil-0~20200923.2/absl/flags/parse.cc:517:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat( data/abseil-0~20200923.2/absl/flags/parse.cc:529:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Negative form with assignment is not valid for the " data/abseil-0~20200923.2/absl/flags/parse.cc:538:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Negative form is not valid for the flag '", flag.Name(), data/abseil-0~20200923.2/absl/flags/parse.cc:546:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Missing the value for the flag '", flag.Name(), "'"), data/abseil-0~20200923.2/absl/flags/parse.cc:568:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Did you really mean to set flag '", flag.Name(), data/abseil-0~20200923.2/absl/flags/parse.cc:750:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Unknown command line flag '", flag_name.second, "'"), data/abseil-0~20200923.2/absl/flags/parse_test.cc:179:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(GetTestTempDir(), flagfile_data.file_name); data/abseil-0~20200923.2/absl/flags/reflection.cc:113:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat( data/abseil-0~20200923.2/absl/flags/reflection.cc:120:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Flag '", flag.Name(), data/abseil-0~20200923.2/absl/flags/reflection.cc:129:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Flag '", flag.Name(), data/abseil-0~20200923.2/absl/flags/reflection.cc:135:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat( data/abseil-0~20200923.2/absl/flags/reflection.cc:232:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Accessing retired flag '", name_, "'"), false); data/abseil-0~20200923.2/absl/flags/reflection_test.cc:119:16: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat(f.a, ":", f.b); data/abseil-0~20200923.2/absl/hash/hash_testing.h:166:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("#", index, "(", testing::PrintToString(*value), ")"); data/abseil-0~20200923.2/absl/random/beta_distribution_test.cc:446:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string name = absl::StrCat("alpha_", ::testing::get<0>(info.param), data/abseil-0~20200923.2/absl/random/exponential_distribution_test.cc:294:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("lambda ", lambda(), "\n", // data/abseil-0~20200923.2/absl/random/exponential_distribution_test.cc:353:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string name = absl::StrCat("lambda_", absl::SixDigits(p.lambda)); data/abseil-0~20200923.2/absl/random/gaussian_distribution_test.cc:322:21: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). INFO, absl::StrCat("mean=", mean(), " stddev=", stddev(), "\n", // data/abseil-0~20200923.2/absl/random/gaussian_distribution_test.cc:398:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string name = absl::StrCat("mean_", absl::SixDigits(p.mean), "__stddev_", data/abseil-0~20200923.2/absl/random/internal/distribution_test_util.cc:93:33: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string formatted = absl::StrCat( data/abseil-0~20200923.2/absl/random/internal/randen_engine_test.cc:648:33: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat(static_cast<double>(duration) / data/abseil-0~20200923.2/absl/random/log_uniform_int_distribution_test.cc:112:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Range: ", +sample_min, ", ", +sample_max)); data/abseil-0~20200923.2/absl/random/log_uniform_int_distribution_test.cc:187:37: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat(i, ": ", buckets[i])); data/abseil-0~20200923.2/absl/random/log_uniform_int_distribution_test.cc:245:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("min_", p.min(), "__max_", p.max(), "__base_", p.base()); data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:137:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat("Range {", param.mean(), "}: ", data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:191:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat("CDF (mean = ", mean_, ")")); data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:194:31: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(c.index, ": pmf=", c.pmf, " cdf=", c.cdf)); data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:342:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string name = absl::StrCat("mean_", absl::SixDigits(p.mean)); data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:442:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat("VALUES buckets=", counts.size(), data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:446:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). INFO, absl::StrCat(cutoffs_[i], ": ", counts[i], " vs. E=", e[i])); data/abseil-0~20200923.2/absl/random/poisson_distribution_test.cc:451:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(kChiSquared, "(data, dof=", dof, ") = ", chi_square, " (", data/abseil-0~20200923.2/absl/random/uniform_int_distribution_test.cc:109:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string msg = absl::StrCat("Range: ", +sample_min, ", ", +sample_max); data/abseil-0~20200923.2/absl/random/uniform_int_distribution_test.cc:128:22: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_FALSE(absl::StrCat(+x).empty()) << x; data/abseil-0~20200923.2/absl/random/uniform_real_distribution_test.cc:158:31: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string msg = absl::StrCat("Range: ", static_cast<double>(sample_min), data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:106:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Range: ", +sample_min, ", ", +sample_max)); data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:308:37: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat(points[i], ": ", buckets[i], data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:311:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat("trials ", trials)); data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:313:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("mean ", avg, " vs. expected ", mean())); data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:314:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_LOG(INFO, absl::StrCat(kChiSquared, "(data, ", dof, ") = ", data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:317:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(kChiSquared, " @ 0.9995 = ", threshold)); data/abseil-0~20200923.2/absl/random/zipf_distribution_test.cc:345:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string name = absl::StrCat("k_", p.k(), "__q_", absl::SixDigits(p.q()), data/abseil-0~20200923.2/absl/status/status_test.cc:80:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("error code ", test.code, " test message"); data/abseil-0~20200923.2/absl/status/status_test.cc:168:31: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). bad_status.SetPayload(absl::StrCat(kUrl1, ".1"), absl::Cord(kPayload1)); data/abseil-0~20200923.2/absl/status/status_test.cc:169:43: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_THAT(bad_status.GetPayload(absl::StrCat(kUrl1, ".1")), data/abseil-0~20200923.2/absl/status/statusor.cc:53:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Attempting to fetch value instead of handling error ", data/abseil-0~20200923.2/absl/status/statusor.cc:63:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Attempting to fetch value instead of handling error ", data/abseil-0~20200923.2/absl/strings/charconv_test.cc:283:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(mantissa, std::string(1000, '0'), "1e", exponent); data/abseil-0~20200923.2/absl/strings/charconv_test.cc:289:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string halfway_rep = absl::StrCat(mantissa, "e", exponent); data/abseil-0~20200923.2/absl/strings/charconv_test.cc:553:37: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string candidate = absl::StrCat(mantissa, "e", exponent); data/abseil-0~20200923.2/absl/strings/charconv_test.cc:571:37: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string candidate = absl::StrCat(mantissa, "e", exponent); data/abseil-0~20200923.2/absl/strings/charconv_test.cc:600:31: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string input = absl::StrCat("nan(", n_char_sequence, ")"); data/abseil-0~20200923.2/absl/strings/charconv_test.cc:633:31: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string input = absl::StrCat("nan(", n_char_sequence, ")"); data/abseil-0~20200923.2/absl/strings/charconv_test.cc:740:49: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). auto input_gen = [](int index) { return absl::StrCat("0x1.0p", index); }; data/abseil-0~20200923.2/absl/strings/charconv_test.cc:751:49: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). auto input_gen = [](int index) { return absl::StrCat("0x1.0p", index); }; data/abseil-0~20200923.2/absl/strings/charconv_test.cc:763:49: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). auto input_gen = [](int index) { return absl::StrCat("1.0e", index); }; data/abseil-0~20200923.2/absl/strings/charconv_test.cc:775:49: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). auto input_gen = [](int index) { return absl::StrCat("1.0e", index); }; data/abseil-0~20200923.2/absl/strings/cord.cc:982:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Requested prefix size ", n, data/abseil-0~20200923.2/absl/strings/cord.cc:996:29: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Requested suffix size ", n, data/abseil-0~20200923.2/absl/strings/cord.cc:1986:50: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_INTERNAL_CHECK(s <= kMaxFlatLength, absl::StrCat("Invalid length ", s)); data/abseil-0~20200923.2/absl/strings/cord_test.cc:1561:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). cord_chunks.push_back(absl::StrCat("[", i, "]")); data/abseil-0~20200923.2/absl/strings/escaping.cc:59:22: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). *error = absl::StrCat("invalid surrogate character (0xD800-DFFF): \\", data/abseil-0~20200923.2/absl/strings/internal/str_format/convert_test.cc:82:16: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int result = vsnprintf(space, kSpaceLength, format, backup_ap); data/abseil-0~20200923.2/absl/strings/internal/str_format/convert_test.cc:103:12: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. result = vsnprintf(buf, length, format, backup_ap); data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:942:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int n = snprintf(&space[0], space.size(), fmt, w, p, v); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:207:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string actual = absl::StrCat(absl::Hex(v, absl::kZeroPad16)); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:208:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), "%016" PRIx64, static_cast<uint64_t>(v)); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:210:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). actual = absl::StrCat(absl::Hex(v, absl::kSpacePad16)); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:211:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), "%16" PRIx64, static_cast<uint64_t>(v)); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:267:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string s = absl::StrCat(in_value); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:662:26: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). parse_func(absl::StrCat(std::numeric_limits<IntType>::max(), value), data/abseil-0~20200923.2/absl/strings/numbers_test.cc:668:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). parse_func(absl::StrCat(std::numeric_limits<IntType>::min(), value), data/abseil-0~20200923.2/absl/strings/numbers_test.cc:671:37: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_FALSE(parse_func(absl::StrCat("-", value), &parsed_value, base)); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:903:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Six-digit failure with double. ", "d=", d, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:956:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Exp ", exponent, " powten=", powten, "(", powten, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:986:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat( data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1015:14: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). {absl::StrCat(int32_min, int32_max), false, int32_min}, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1016:14: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). {absl::StrCat(int32_max, int32_max), false, int32_max}, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1047:14: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). {absl::StrCat(uint32_max, uint32_max), false, uint32_max}, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1079:14: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). {absl::StrCat(int64_min, int64_max), false, int64_min}, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1080:14: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). {absl::StrCat(int64_max, int64_max), false, int64_max}, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1111:14: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). {absl::StrCat(uint64_max, uint64_max), false, uint64_max}, data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1265:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf2, sizeof(buf2), "%016" PRIx64, v); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1267:28: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. size_t expected_digits = snprintf(buf2, sizeof(buf2), "%" PRIx64, v); data/abseil-0~20200923.2/absl/strings/str_cat.cc:98:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string StrCat(const AlphaNum& a, const AlphaNum& b) { data/abseil-0~20200923.2/absl/strings/str_cat.cc:110:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string StrCat(const AlphaNum& a, const AlphaNum& b, const AlphaNum& c) { data/abseil-0~20200923.2/absl/strings/str_cat.cc:123:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string StrCat(const AlphaNum& a, const AlphaNum& b, const AlphaNum& c, data/abseil-0~20200923.2/absl/strings/str_cat.h:327:41: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_MUST_USE_RESULT inline std::string StrCat() { return std::string(); } data/abseil-0~20200923.2/absl/strings/str_cat.h:329:41: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_MUST_USE_RESULT inline std::string StrCat(const AlphaNum& a) { data/abseil-0~20200923.2/absl/strings/str_cat.h:333:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_MUST_USE_RESULT std::string StrCat(const AlphaNum& a, const AlphaNum& b); data/abseil-0~20200923.2/absl/strings/str_cat.h:334:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_MUST_USE_RESULT std::string StrCat(const AlphaNum& a, const AlphaNum& b, data/abseil-0~20200923.2/absl/strings/str_cat.h:336:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_MUST_USE_RESULT std::string StrCat(const AlphaNum& a, const AlphaNum& b, data/abseil-0~20200923.2/absl/strings/str_cat.h:341:41: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). ABSL_MUST_USE_RESULT inline std::string StrCat( data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:39:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(foo, absl::StrCat(kStringOne, i, kStringTwo, i * 65536ULL).c_str()); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:39:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). strcpy(foo, absl::StrCat(kStringOne, i, kStringTwo, i * 65536ULL).c_str()); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:64:66: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string(kStringOne) + " " + kStringTwo + ":" + absl::StrCat(i); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:78:21: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result += absl::StrCat(i); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:88:32: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string result = absl::StrCat(kStringOne, " ", kStringTwo, ":", i); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:99:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(kStringOne, " ", absl::Hex(int64_t{i} + 0x10000000)); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:121:32: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string result = absl::StrCat(foo += 1.001f, " != ", int64_t{i}); data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:133:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(absl::SixDigits(foo += 1.001), " != ", int64_t{i}); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:39:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, Ints) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:53:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(s, us); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:55:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(i, ui); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:57:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(l, ul); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:59:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(ll, ull); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:61:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(ptrdiff, size); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:63:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(ptrdiff, intptr); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:65:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). answer = absl::StrCat(uintptr, 0); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:69:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, Enums) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:71:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("10", absl::StrCat(e)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:72:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("-5", absl::StrCat(SmallNumbers(-5))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:76:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("-1", absl::StrCat(Option::Briefs)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:84:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("10000000000", absl::StrCat(Airplane::Canary)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:91:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("65536", absl::StrCat(TwoGig::TwoToTheSixteenth)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:92:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("-2147483648", absl::StrCat(TwoGig::TwoToTheThirtyFirst)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:93:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("-1", absl::StrCat(static_cast<TwoGig>(-1))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:100:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("65536", absl::StrCat(FourGig::TwoToTheSixteenth)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:101:33: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("2147483648", absl::StrCat(FourGig::TwoToTheThirtyFirst)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:102:33: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("4294967295", absl::StrCat(static_cast<FourGig>(-1))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:104:34: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("10000000000", absl::StrCat(Airplane::Canary)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:107:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, Basics) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:129:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ(absl::StrCat(), ""); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:131:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(false, true, 2, 3); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:134:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(-1); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:137:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(absl::SixDigits(0.5)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:140:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(strs[1], pieces[2]); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:143:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(stdstrs[1], " ", stdstrs[2]); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:146:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(strs[0], ", ", pieces[2]); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:149:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(strs[0], ", ", strs[1], " ", strs[2], "!"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:152:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(pieces[0], ", ", pieces[1], " ", pieces[2]); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:155:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(c_strs[0], ", ", c_strs[1], " ", c_strs[2]); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:158:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("ASCII ", i32s[0], ", ", i32s[1], " ", i32s[2], "!"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:161:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(ui64s[0], ", ", ui64s[1], "!"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:168:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("And a ", one.size(), " and a ", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:175:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("To output a char by ASCII/numeric value, use +: ", '!' + 0); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:179:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("A hundred K and a half is ", absl::SixDigits(f)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:184:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("A hundred K and one and a half is ", absl::SixDigits(f)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:190:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("A hundred K and a half squared is ", absl::SixDigits(d)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:193:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 333, 4444, 55555, 666666, 7777777, 88888888, data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:198:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, CornerCases) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:201:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(""); // NOLINT data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:203:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("", ""); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:205:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("", "", ""); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:207:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("", "", "", ""); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:209:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat("", "", "", "", ""); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:247:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, CustomAllocator) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:254:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string result = absl::StrCat(str1, str2); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:260:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, MaxArgs) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:263:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:265:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:267:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:269:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:271:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:274:13: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:276:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:279:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:282:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:285:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:288:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:291:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:294:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:297:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:300:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:303:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:306:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat(1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e", "f", data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:310:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). result = absl::StrCat( data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:414:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, VectorBoolReferenceTypes) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:422:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string result = absl::StrCat(v[0], v[1], cv[0], cv[1]); // NOLINT data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:428:6: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). TEST(StrCat, AvoidsMemcpyWithNullptr) { data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:429:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ(absl::StrCat(42, absl::string_view{}), "42"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:432:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ(absl::StrCat(1, 2, 3, 4, 5, absl::string_view{}), "12345"); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:486:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string actual = absl::StrCat(absl::Hex(v, absl::kNoPad)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:487:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), nopad_format, v); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:492:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(absl::Hex(v, static_cast<absl::PadSpec>(spec))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:493:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), zeropad_format, data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:500:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(absl::Hex(v, static_cast<absl::PadSpec>(spec))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:501:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), spacepad_format, data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:512:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string actual = absl::StrCat(absl::Dec(v, absl::kNoPad)); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:513:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), nopad_format, v); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:518:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(absl::Dec(v, static_cast<absl::PadSpec>(spec))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:519:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), zeropad_format, data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:528:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat(absl::Dec(v, static_cast<absl::PadSpec>(spec))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:529:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(expected, sizeof(expected), spacepad_format, data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:600:25: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("ff", absl::StrCat(absl::Hex(minus_one_8bit))); data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:603:27: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ("ffff", absl::StrCat(absl::Hex(minus_one_16bit))); data/abseil-0~20200923.2/absl/strings/str_format_test.cc:51:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), fmt, 123); data/abseil-0~20200923.2/absl/strings/str_format_test.cc:172:22: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int fmt_result = snprintf(&*buf.begin(), buf.size(), fmt.c_str(), // data/abseil-0~20200923.2/absl/strings/str_format_test.cc:203:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int r = vsnprintf(&*buf.begin(), buf.size(), fmt, va); data/abseil-0~20200923.2/absl/strings/str_format_test.cc:717:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). s->Append(absl::StrCat("x=", p.x, " y=", p.y)); data/abseil-0~20200923.2/absl/strings/str_format_test.cc:719:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). s->Append(absl::StrCat(p.x, ",", p.y)); data/abseil-0~20200923.2/absl/strings/str_replace_test.cc:158:49: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). count = absl::StrReplaceAll({{"$count", absl::StrCat(5)}, data/abseil-0~20200923.2/absl/strings/substitute_test.cc:68:19: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). EXPECT_EQ(absl::StrCat("0x", absl::Hex(int_p)), str); data/abseil-0~20200923.2/absl/synchronization/internal/per_thread_sem_test.cc:119:23: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string out = StrCat( data/abseil-0~20200923.2/absl/synchronization/mutex.cc:337:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(e->name, name); // NOLINT(runtime/printf) data/abseil-0~20200923.2/absl/time/civil_time.cc:42:10: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return StrCat(cs.year(), data/abseil-0~20200923.2/absl/time/civil_time.cc:58:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). const std::string norm = StrCat(NormalizeYear(y), endp); data/abseil-0~20200923.2/absl/time/civil_time.cc:62:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). if (ParseTime(StrCat("%Y", fmt), norm, utc, &t, nullptr)) { data/abseil-0~20200923.2/absl/types/internal/conformance_profile.h:281:15: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("Expected:\n ", data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h:130:32: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string result = absl::StrCat(" ", name); data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h:151:16: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("Given:\n", decls.outputDeclaration(width)..., "\n"); data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h:166:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). test_name, absl::StrCat(context, \ data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h:191:30: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). test_name, absl::StrCat(context, \ data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h:227:28: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). test_name, absl::StrCat(context, data/abseil-0~20200923.2/absl/types/internal/conformance_testing.h:467:42: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). std::string preliminary_info = absl::StrCat( data/abseil-0~20200923.2/absl/types/span_test.cc:39:17: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). absl::StrCat("data() ", negation ? "isn't " : "is ", data/abseil-0~20200923.2/absl/utility/utility_test.cc:194:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("&", args...); data/abseil-0~20200923.2/absl/utility/utility_test.cc:198:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("const&", args...); data/abseil-0~20200923.2/absl/utility/utility_test.cc:202:18: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). return absl::StrCat("&&", args...); data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:140:67: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. static int LLA_SkiplistLevels(size_t size, size_t base, uint32_t *random) { data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:145:38: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. int level = IntLog2(size, base) + (random != nullptr ? Random(random) : 1); data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:145:65: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. int level = IntLog2(size, base) + (random != nullptr ? Random(random) : 1); data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:219:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. uint32_t random ABSL_GUARDED_BY(mu); data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:357:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. random(0) { data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:484:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. &arena->random); data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:499:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. &arena->random); data/abseil-0~20200923.2/absl/base/internal/scoped_set_env.cc:64:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* val = ::getenv(var_name_.c_str()); data/abseil-0~20200923.2/absl/base/internal/scoped_set_env_test.cc:40:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* val = ::getenv(name); data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:77:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* tmp_dir = std::getenv(var); data/abseil-0~20200923.2/absl/flags/parse.cc:240:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* val = ::getenv(var_name); data/abseil-0~20200923.2/absl/flags/parse_test.cc:80:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* val = ::getenv(env_var_name); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:44:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T a{absl::MakeUint128(uniform_h(random), uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:44:56: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T a{absl::MakeUint128(uniform_h(random), uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:45:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T b{absl::MakeUint128(uniform_h(random), uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:45:56: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T b{absl::MakeUint128(uniform_h(random), uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:84:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T a{absl::MakeUint128(uniform_h(random), uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:84:56: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T a{absl::MakeUint128(uniform_h(random), uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:85:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. H b{std::max(H{2}, uniform_h(random))}; data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:122:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random)), data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:122:66: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random)), data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:123:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random))); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:123:66: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random))); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:175:23: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T a = uniform_128(random); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:176:23: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T b = uniform_128(random); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:217:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. T a = uniform_int128(random); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:218:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. H b = std::max(H{2}, uniform_int64(random)); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:255:41: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. values.emplace_back(uniform_uint128(random), uniform_uint128(random)); data/abseil-0~20200923.2/absl/numeric/int128_benchmark.cc:255:66: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. values.emplace_back(uniform_uint128(random), uniform_uint128(random)); data/abseil-0~20200923.2/absl/numeric/int128_test.cc:421:20: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::minstd_rand random(testing::UnitTest::GetInstance()->random_seed()); data/abseil-0~20200923.2/absl/numeric/int128_test.cc:425:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random)); data/abseil-0~20200923.2/absl/numeric/int128_test.cc:425:66: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random)); data/abseil-0~20200923.2/absl/numeric/int128_test.cc:427:42: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random)); data/abseil-0~20200923.2/absl/numeric/int128_test.cc:427:66: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. absl::MakeUint128(uniform_uint64(random), uniform_uint64(random)); data/abseil-0~20200923.2/absl/random/internal/pcg_engine.h:148:10: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. is.setstate(is.rdstate() | std::ios_base::failbit); data/abseil-0~20200923.2/absl/random/internal/pcg_engine.h:167:10: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. is.setstate(is.rdstate() | std::ios_base::failbit); data/abseil-0~20200923.2/absl/random/seed_sequences_test.cc:42:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::mt19937 random(seed_seq); data/abseil-0~20200923.2/absl/random/seed_sequences_test.cc:44:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. EXPECT_NE(0, random()); data/abseil-0~20200923.2/absl/strings/internal/str_format/bind.cc:191:47: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (!FormatUntyped(&os, format_, args_)) os.setstate(std::ios::failbit); data/abseil-0~20200923.2/absl/synchronization/mutex_test.cc:1046:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *file = getenv(kVarName); data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_info.cc:635:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. tzdir_env = std::getenv("TZDIR"); data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_lookup.cc:149:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. tz_env = std::getenv("TZ"); data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_lookup.cc:165:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. localtime_env = std::getenv("LOCALTIME"); data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_lookup_test.cc:1030:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* const ep = getenv("TZ"); data/abseil-0~20200923.2/absl/base/bit_cast_test.cc:29:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. struct marshall { char buf[N]; }; data/abseil-0~20200923.2/absl/base/casts.h:157:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(static_cast<void*>(std::addressof(dest)), data/abseil-0~20200923.2/absl/base/dynamic_annotations.h:460:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x[8] __attribute__((aligned(8))); \ data/abseil-0~20200923.2/absl/base/exception_safety_testing_test.cc:337:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(ThrowingValue<>) unsigned char buf[sizeof(ThrowingValue<>)]; data/abseil-0~20200923.2/absl/base/exception_safety_testing_test.cc:338:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(ThrowingValue<>) unsigned char data/abseil-0~20200923.2/absl/base/exception_safety_testing_test.cc:903:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(Tracked) unsigned char storage[sizeof(Tracked)]; data/abseil-0~20200923.2/absl/base/exception_safety_testing_test.cc:925:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(Tracked) unsigned char storage[sizeof(Tracked)]; data/abseil-0~20200923.2/absl/base/internal/dynamic_annotations.h:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x[8] __attribute__((aligned(8))); \ data/abseil-0~20200923.2/absl/base/internal/endian_test.cc:118:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char actual_value[sizeof(host_value)]; data/abseil-0~20200923.2/absl/base/internal/endian_test.cc:119:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(actual_value, &host_value, sizeof(host_value)); data/abseil-0~20200923.2/absl/base/internal/endian_test.cc:122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expected_value[sizeof(host_value)]; data/abseil-0~20200923.2/absl/base/internal/endian_test.cc:123:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(expected_value, &host_value, sizeof(host_value)); data/abseil-0~20200923.2/absl/base/internal/endian_test.cc:229:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[10]; data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:226:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(LowLevelAlloc::Arena) unsigned char default_arena_storage[sizeof( data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:228:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(LowLevelAlloc::Arena) unsigned char unhooked_arena_storage[sizeof( data/abseil-0~20200923.2/absl/base/internal/low_level_alloc.cc:232:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. LowLevelAlloc::Arena) unsigned char unhooked_async_sig_safe_arena_storage data/abseil-0~20200923.2/absl/base/internal/raw_logging.cc:135:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[kLogBufSize]; data/abseil-0~20200923.2/absl/base/internal/scoped_set_env.cc:52:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[kMaxEnvVarValueSize]; data/abseil-0~20200923.2/absl/base/internal/scoped_set_env_test.cc:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/abseil-0~20200923.2/absl/base/internal/strerror.cc:55:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/abseil-0~20200923.2/absl/base/internal/sysinfo.cc:124:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(file, O_RDONLY); data/abseil-0~20200923.2/absl/base/internal/sysinfo.cc:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/abseil-0~20200923.2/absl/base/internal/thread_identity.h:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[128]; data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h:114:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&t, p, sizeof t); data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h:120:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&t, p, sizeof t); data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h:126:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&t, p, sizeof t); data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h:130:53: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. inline void UnalignedStore16(void *p, uint16_t v) { memcpy(p, &v, sizeof v); } data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h:132:53: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. inline void UnalignedStore32(void *p, uint32_t v) { memcpy(p, &v, sizeof v); } data/abseil-0~20200923.2/absl/base/internal/unaligned_access.h:134:53: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. inline void UnalignedStore64(void *p, uint64_t v) { memcpy(p, &v, sizeof v); } data/abseil-0~20200923.2/absl/container/btree_test.h:64:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. inline char* GenerateDigits(char buf[16], unsigned val, unsigned maxval) { data/abseil-0~20200923.2/absl/container/btree_test.h:99:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/abseil-0~20200923.2/absl/container/btree_test.h:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/abseil-0~20200923.2/absl/container/fixed_array.h:433:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(StorageElement) char buff_[sizeof(StorageElement[inline_elements])]; data/abseil-0~20200923.2/absl/container/fixed_array_test.cc:481:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf.data(), "foo"); // NOLINT(runtime/printf) data/abseil-0~20200923.2/absl/container/fixed_array_test.cc:486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[1 << 20]; data/abseil-0~20200923.2/absl/container/fixed_array_test.cc:633:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(FixedArrType) unsigned char buff[sizeof(FixedArrType)]; data/abseil-0~20200923.2/absl/container/internal/common.h:113:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(slot_type) mutable unsigned char slot_space_[sizeof(slot_type)] = {}; data/abseil-0~20200923.2/absl/container/internal/container_memory_test.cc:44:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem, "abc", 3); data/abseil-0~20200923.2/absl/container/internal/container_memory_test.cc:52:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem, "abc", 3); data/abseil-0~20200923.2/absl/container/internal/inlined_vector.h:457:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(value_type) char inlined_data[sizeof(value_type[N])]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:367:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:439:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:515:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:567:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:620:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:656:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:689:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:717:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:739:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:767:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:789:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:903:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1005:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1081:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1207:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1241:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[100] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1275:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[x.AllocSize() + 1]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1281:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char p[x.AllocSize()]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1289:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(2 * M) unsigned char p[x.AllocSize()]; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1344:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char c[n] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1351:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char c[n] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1358:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char c[n] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1365:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char c[n] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1372:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char c[n] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1379:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char c[n] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1428:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) char c[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1429:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) unsigned char uc[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1430:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) signed char sc[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1431:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const char cc[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1432:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const unsigned char cuc[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1433:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(max_align_t) const signed char csc[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1473:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(int32_t) char c[x.AllocSize()] = {}; data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1537:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(layout.Pointer<char>(p_.get()), s, size + 1); data/abseil-0~20200923.2/absl/container/internal/raw_hash_set.h:483:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(ctrl + capacity + 1, ctrl, Group::kWidth); data/abseil-0~20200923.2/absl/container/internal/raw_hash_set.h:1093:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(slot_type) unsigned char raw[sizeof(slot_type)]; data/abseil-0~20200923.2/absl/container/internal/raw_hash_set.h:1578:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(slot_type) unsigned char raw[sizeof(slot_type)]; data/abseil-0~20200923.2/absl/debugging/failure_signal_handler.cc:223:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:89:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). error_file = fopen(file, "w"); data/abseil-0~20200923.2/absl/debugging/internal/demangle.cc:441:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[kMaxLength]; data/abseil-0~20200923.2/absl/debugging/internal/demangle_test.cc:33:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char demangled[4096]; data/abseil-0~20200923.2/absl/debugging/internal/demangle_test.cc:43:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[10]; data/abseil-0~20200923.2/absl/debugging/internal/demangle_test.cc:62:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[20]; data/abseil-0~20200923.2/absl/debugging/internal/demangle_test.cc:92:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_demangle_buffer[4096]; data/abseil-0~20200923.2/absl/debugging/internal/examine_stack.cc:121:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[1024]; data/abseil-0~20200923.2/absl/debugging/internal/examine_stack.cc:126:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/abseil-0~20200923.2/absl/debugging/internal/examine_stack.cc:141:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/abseil-0~20200923.2/absl/debugging/internal/examine_stack.cc:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/abseil-0~20200923.2/absl/debugging/internal/stack_consumption_test.cc:31:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/abseil-0~20200923.2/absl/debugging/internal/vdso_support.cc:79:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/proc/self/auxv", O_RDONLY); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:103:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static ABSL_PER_THREAD_TLS_KEYWORD char symbolize_test_thread_small[1]; data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:104:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static ABSL_PER_THREAD_TLS_KEYWORD char data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:116:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char kHpageTextPadding[kHpageSize * 4] ABSL_ATTRIBUTE_SECTION_VARIABLE( data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:120:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char try_symbolize_buffer[4096]; data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:201:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_symbolize_buffer[4096]; data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:269:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char kPadding0[kPageSize * 4] ABSL_ATTRIBUTE_SECTION_VARIABLE(.text) = data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:271:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char kPadding1[kPageSize * 4] ABSL_ATTRIBUTE_SECTION_VARIABLE(.text) = data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:308:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:401:31: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = TEMP_FAILURE_RETRY(open("/proc/self/exe", O_RDONLY)); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:524:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/abseil-0~20200923.2/absl/flags/flag_test.cc:851:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bytes[14]; data/abseil-0~20200923.2/absl/flags/internal/flag.cc:161:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(buf.data(), &default_value_, Sizeof(op_)); data/abseil-0~20200923.2/absl/flags/internal/flag.cc:237:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&one_word_val, src, Sizeof(op_)); data/abseil-0~20200923.2/absl/flags/internal/flag.cc:243:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&two_words_val, src, Sizeof(op_)); data/abseil-0~20200923.2/absl/flags/internal/flag.cc:443:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(dst, &one_word_val, Sizeof(op_)); data/abseil-0~20200923.2/absl/flags/internal/flag.cc:449:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(dst, &two_words_val, Sizeof(op_)); data/abseil-0~20200923.2/absl/flags/internal/flag.h:181:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[N]; data/abseil-0~20200923.2/absl/flags/internal/flag.h:387:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(T) char value[sizeof(T)]; data/abseil-0~20200923.2/absl/flags/internal/flag.h:397:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&dst, static_cast<const void*>(&one_word_val), sizeof(T)); data/abseil-0~20200923.2/absl/flags/internal/flag.h:409:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&dst, static_cast<const void*>(&two_words_val), sizeof(T)); data/abseil-0~20200923.2/absl/flags/internal/flag.h:607:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(absl::Mutex) mutable char data_guard_[sizeof(absl::Mutex)]; data/abseil-0~20200923.2/absl/flags/internal/registry.h:91:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(kRetiredFlagObjAlignment) char buf_[kRetiredFlagObjSize]; data/abseil-0~20200923.2/absl/flags/parse.cc:228:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/abseil-0~20200923.2/absl/flags/parse_test.cc:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_PATH]; data/abseil-0~20200923.2/absl/flags/parse_test.cc:99:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_path_buffer[MAX_PATH]; data/abseil-0~20200923.2/absl/hash/hash_test.cc:861:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer1[kNumStructs * sizeof(StructWithPadding)]; data/abseil-0~20200923.2/absl/hash/hash_test.cc:865:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer2[kNumStructs * sizeof(StructWithPadding)]; data/abseil-0~20200923.2/absl/hash/internal/city_test.cc:32:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char data[kDataSize]; data/abseil-0~20200923.2/absl/hash/internal/city_test.cc:44:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + i, &u, 1); // uint8_t -> char data/abseil-0~20200923.2/absl/hash/internal/hash.h:111:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf_[PiecewiseChunkSize()]; data/abseil-0~20200923.2/absl/hash/internal/hash.h:958:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf_ + position_, data, size); data/abseil-0~20200923.2/absl/hash/internal/hash.h:967:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf_ + position_, data, bytes_needed); data/abseil-0~20200923.2/absl/hash/internal/hash.h:980:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf_, data, size); data/abseil-0~20200923.2/absl/hash/internal/print_hash_of.cc:22:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). printf("%zu\n", absl::Hash<int>{}(std::atoi(argv[1]))); // NOLINT data/abseil-0~20200923.2/absl/random/internal/generate_real.h:137:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(static_cast<void*>(&result), static_cast<const void*>(&val), data/abseil-0~20200923.2/absl/random/internal/nanobenchmark.cc:101:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brand_string[49]; data/abseil-0~20200923.2/absl/random/internal/nanobenchmark.cc:112:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(brand_string + i * 16, &abcd, sizeof(abcd)); data/abseil-0~20200923.2/absl/random/internal/pool_urbg.cc:126:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(out, &state_[next_], to_copy); data/abseil-0~20200923.2/absl/random/internal/randen_round_keys.cc:90:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(16) const unsigned char kRandenRoundKeysBE[kKeyBytes] = { data/abseil-0~20200923.2/absl/random/internal/randen_round_keys.cc:275:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(16) const unsigned char kRandenRoundKeys[kKeyBytes] = { data/abseil-0~20200923.2/absl/random/internal/randen_traits.h:81:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const unsigned char kRandenRoundKeys[RandenTraits::kKeyBytes]; data/abseil-0~20200923.2/absl/random/internal/randen_traits.h:82:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const unsigned char kRandenRoundKeysBE[RandenTraits::kKeyBytes]; data/abseil-0~20200923.2/absl/random/internal/seed_material.cc:132:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dev_urandom = open(kEntropyFile, O_RDONLY); data/abseil-0~20200923.2/absl/status/internal/statusor_internal.h:38:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void test(char (*)[sizeof(std::declval<U>().operator absl::StatusOr<T>())]); data/abseil-0~20200923.2/absl/strings/ascii.cc:60:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL const unsigned char kPropertyBits[256] = { data/abseil-0~20200923.2/absl/strings/ascii.cc:82:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL const char kToLower[256] = { data/abseil-0~20200923.2/absl/strings/ascii.cc:120:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL const char kToUpper[256] = { data/abseil-0~20200923.2/absl/strings/ascii.h:67:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL extern const unsigned char kPropertyBits[256]; data/abseil-0~20200923.2/absl/strings/ascii.h:70:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL extern const char kToUpper[256]; data/abseil-0~20200923.2/absl/strings/ascii.h:73:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL extern const char kToLower[256]; data/abseil-0~20200923.2/absl/strings/charconv.cc:295:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. volatile char n_char_sequence[kNanBufferSize]; data/abseil-0~20200923.2/absl/strings/cord.cc:405:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rep->data, data, len); data/abseil-0~20200923.2/absl/strings/cord.cc:469:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result->data, data_, len); data/abseil-0~20200923.2/absl/strings/cord.cc:742:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_ + inline_length, src_data, src_size); data/abseil-0~20200923.2/absl/strings/cord.cc:752:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(region, src_data, appended); data/abseil-0~20200923.2/absl/strings/cord.cc:765:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(root->data, data_, inline_length); data/abseil-0~20200923.2/absl/strings/cord.cc:766:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(root->data + inline_length, src_data, appended); data/abseil-0~20200923.2/absl/strings/cord.cc:873:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[InlineRep::kMaxInline + 1] = {0}; data/abseil-0~20200923.2/absl/strings/cord.cc:875:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, src.data(), src.size()); data/abseil-0~20200923.2/absl/strings/cord.cc:876:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + src.size(), contents_.data(), cur_size); data/abseil-0~20200923.2/absl/strings/cord.cc:877:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(reinterpret_cast<void*>(&contents_), data, data/abseil-0~20200923.2/absl/strings/cord.cc:1476:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, fragment.data(), fragment.size()); data/abseil-0~20200923.2/absl/strings/cord.cc:1480:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, chunk.data(), chunk.size()); data/abseil-0~20200923.2/absl/strings/cord.cc:1534:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, current_chunk_.data(), current_chunk_.size()); data/abseil-0~20200923.2/absl/strings/cord.cc:1539:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, current_chunk_.data(), n); data/abseil-0~20200923.2/absl/strings/cord.h:709:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(*dst)[0], data_, sizeof(data_) - 1); data/abseil-0~20200923.2/absl/strings/cord.h:730:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(absl::cord_internal::CordRep*) char data_[kMaxInline + 1]; data/abseil-0~20200923.2/absl/strings/cord.h:809:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf1, src, 8); data/abseil-0~20200923.2/absl/strings/cord.h:810:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf2, src + n - 8, 8); data/abseil-0~20200923.2/absl/strings/cord.h:814:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, &buf1, 8); data/abseil-0~20200923.2/absl/strings/cord.h:815:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst + n - 8, &buf2, 8); data/abseil-0~20200923.2/absl/strings/cord.h:819:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf1, src, 4); data/abseil-0~20200923.2/absl/strings/cord.h:820:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf2, src + n - 4, 4); data/abseil-0~20200923.2/absl/strings/cord.h:825:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, &buf1, 4); data/abseil-0~20200923.2/absl/strings/cord.h:826:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst + n - 4, &buf2, 4); data/abseil-0~20200923.2/absl/strings/cord.h:950:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_, &rep, sizeof(rep)); data/abseil-0~20200923.2/absl/strings/cord.h:964:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_, &rep, sizeof(rep)); data/abseil-0~20200923.2/absl/strings/cord_test.cc:135:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, str.data(), str.size()); data/abseil-0~20200923.2/absl/strings/cord_test.cc:523:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[30]; data/abseil-0~20200923.2/absl/strings/escaping.cc:140:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, octal_start, octal_size); data/abseil-0~20200923.2/absl/strings/escaping.cc:173:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, hex_start, hex_size); data/abseil-0~20200923.2/absl/strings/escaping.cc:206:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, hex_start, 5); // u0000 data/abseil-0~20200923.2/absl/strings/escaping.cc:254:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, hex_start, 9); // U00000000 data/abseil-0~20200923.2/absl/strings/escaping.cc:353:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. constexpr char c_escaped_len[256] = { data/abseil-0~20200923.2/absl/strings/escaping.cc:799:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. constexpr char kHexValueLenient[256] = { data/abseil-0~20200923.2/absl/strings/escaping_test.cc:90:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chars[2]; data/abseil-0~20200923.2/absl/strings/internal/cord_internal.h:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[1]; // Starting point for flat array: MUST BE LAST FIELD of CordRep data/abseil-0~20200923.2/absl/strings/internal/memutil.cc:39:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, s, slen); data/abseil-0~20200923.2/absl/strings/internal/memutil.h:77:34: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return reinterpret_cast<char*>(memcpy(dest + destlen, src, srclen)); data/abseil-0~20200923.2/absl/strings/internal/memutil_test.cc:55:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char a[1000]; data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.cc:118:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(p, table + 2 * (static_cast<size_t>(v) & 0xFF), 2); data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.cc:164:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char storage_[128 / 3 + 1 + 1]; data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.h:299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[kInlinedSpace]; data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.h:391:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data.buf, &value, sizeof(value)); data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.h:397:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&value, arg.buf, sizeof(T)); data/abseil-0~20200923.2/absl/strings/internal/str_format/convert_test.cc:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/abseil-0~20200923.2/absl/strings/internal/str_format/convert_test.cc:75:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char space[kSpaceLength]; data/abseil-0~20200923.2/absl/strings/internal/str_format/extension.h:103:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos_, v.data(), n); data/abseil-0~20200923.2/absl/strings/internal/str_format/extension.h:128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf_[1024]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:213:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char digits_[kDigitsPerChunk]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:497:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[integral_size + /* . */ 1 + /* max digits uint128 */ 128]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:865:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char digits_buffer[kBufSizeForHexFloatRepr]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:903:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exp_buffer[kBufSizeForExpDecRepr]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:917:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(out, v.data(), v.size()); data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:926:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt[32]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:987:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[kBufferLength]; data/abseil-0~20200923.2/absl/strings/internal/str_format/float_conversion.cc:1000:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[4], *ptr = text; data/abseil-0~20200923.2/absl/strings/internal/str_format/output.cc:36:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(buffer_, v.data(), to_write); data/abseil-0~20200923.2/absl/strings/internal/str_format/output_test.cc:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/abseil-0~20200923.2/absl/strings/internal/str_format/parser.cc:290:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_pos, s.data(), s.size()); data/abseil-0~20200923.2/absl/strings/internal/str_format/parser.h:203:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_.get(), other.data_.get(), text_size); data/abseil-0~20200923.2/absl/strings/internal/str_join_internal.h:243:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result_buf, start->data(), start->size()); data/abseil-0~20200923.2/absl/strings/internal/str_join_internal.h:246:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result_buf, s.data(), s.size()); data/abseil-0~20200923.2/absl/strings/internal/str_join_internal.h:248:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result_buf, it->data(), it->size()); data/abseil-0~20200923.2/absl/strings/internal/utf8_test.cc:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf0[7] = {'\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00'}; data/abseil-0~20200923.2/absl/strings/internal/utf8_test.cc:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[7] = {'\xFF', '\xFF', '\xFF', '\xFF', '\xFF', '\xFF', '\xFF'}; data/abseil-0~20200923.2/absl/strings/internal/utf8_test.cc:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32] = "Don't Tread On Me"; data/abseil-0~20200923.2/absl/strings/internal/utf8_test.cc:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[32] = "Negative is invalid but sane"; data/abseil-0~20200923.2/absl/strings/numbers.cc:130:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char one_ASCII_final_digits[10][2] { data/abseil-0~20200923.2/absl/strings/numbers.cc:176:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, one_ASCII_final_digits[i], 2); data/abseil-0~20200923.2/absl/strings/numbers.cc:256:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, one_ASCII_final_digits[u32], 2); data/abseil-0~20200923.2/absl/strings/numbers.cc:347:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char digits[6]; data/abseil-0~20200923.2/absl/strings/numbers.cc:485:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out, "nan"); // NOLINT(runtime/printf) data/abseil-0~20200923.2/absl/strings/numbers.cc:499:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out, "inf"); // NOLINT(runtime/printf) data/abseil-0~20200923.2/absl/strings/numbers.cc:510:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 6), out += 6; data/abseil-0~20200923.2/absl/strings/numbers.cc:514:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 5), out += 5; data/abseil-0~20200923.2/absl/strings/numbers.cc:522:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 4), out += 4; data/abseil-0~20200923.2/absl/strings/numbers.cc:531:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 3), out += 3; data/abseil-0~20200923.2/absl/strings/numbers.cc:533:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[3], 3); data/abseil-0~20200923.2/absl/strings/numbers.cc:540:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 2), out += 2; data/abseil-0~20200923.2/absl/strings/numbers.cc:542:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[2], 4); data/abseil-0~20200923.2/absl/strings/numbers.cc:549:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 1), out += 1; data/abseil-0~20200923.2/absl/strings/numbers.cc:551:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[1], 5); data/abseil-0~20200923.2/absl/strings/numbers.cc:571:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[0], 6); data/abseil-0~20200923.2/absl/strings/numbers.cc:581:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &digits[1], 5), out += 5; data/abseil-0~20200923.2/absl/strings/numbers.cc:906:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_CONST_INIT ABSL_DLL const char kHexTable[513] = data/abseil-0~20200923.2/absl/strings/numbers.cc:924:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_CONST_INIT ABSL_DLL const char two_ASCII_digits[100][2] = { data/abseil-0~20200923.2/absl/strings/numbers.h:110:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL extern const char kHexChar[17]; // 0123456789abcdef data/abseil-0~20200923.2/absl/strings/numbers.h:111:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL extern const char data/abseil-0~20200923.2/absl/strings/numbers.h:113:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ABSL_DLL extern const char data/abseil-0~20200923.2/absl/strings/numbers.h:124:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, two_ASCII_digits[i], 2); data/abseil-0~20200923.2/absl/strings/numbers.h:237:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(out + 2 * i, hex, 2); data/abseil-0~20200923.2/absl/strings/numbers_benchmark.cc:32:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[absl::numbers_internal::kFastToBufferSize]; data/abseil-0~20200923.2/absl/strings/numbers_benchmark.cc:275:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:86:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[maxlen + 5]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:154:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[absl::numbers_internal::kFastToBufferSize]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:164:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[absl::numbers_internal::kFastToBufferSize + 3]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:181:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[absl::numbers_internal::kFastToBufferSize]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:191:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[absl::numbers_internal::kFastToBufferSize + 1]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:206:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expected[16 + 1]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:818:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16]; // more than enough for %.9g data/abseil-0~20200923.2/absl/strings/numbers_test.cc:895:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sixdigitsbuf[kSixDigitsToBufferSize] = {0}; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:897:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snprintfbuf[kSixDigitsToBufferSize] = {0}; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:953:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[kSixDigitsToBufferSize]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:977:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sixdigitsbuf[kSixDigitsToBufferSize] = {0}; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:979:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snprintfbuf[kSixDigitsToBufferSize] = {0}; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:983:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b1[32], b2[kSixDigitsToBufferSize]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1261:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/abseil-0~20200923.2/absl/strings/numbers_test.cc:1264:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[17]; data/abseil-0~20200923.2/absl/strings/str_cat.cc:93:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, x.data(), x.size()); data/abseil-0~20200923.2/absl/strings/str_cat.cc:152:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, piece.data(), this_size); data/abseil-0~20200923.2/absl/strings/str_cat.cc:184:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, piece.data(), this_size); data/abseil-0~20200923.2/absl/strings/str_cat.h:287:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char digits_[numbers_internal::kFastToBufferSize]; data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:36:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foo[100]; data/abseil-0~20200923.2/absl/strings/str_cat_benchmark.cc:52:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char on_stack[1000]; data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:484:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expected[256]; data/abseil-0~20200923.2/absl/strings/str_cat_test.cc:510:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expected[256]; data/abseil-0~20200923.2/absl/strings/str_format_test.cc:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]{}; data/abseil-0~20200923.2/absl/strings/str_format_test.cc:243:27: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). TempFile() : file_(std::tmpfile()) {} data/abseil-0~20200923.2/absl/strings/str_format_test.cc:283:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). std::FILE* f = std::fopen("/dev/null", "w"); data/abseil-0~20200923.2/absl/strings/str_format_test.cc:311:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16]; data/abseil-0~20200923.2/absl/strings/str_join_test.cc:442:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/abseil-0~20200923.2/absl/strings/str_replace_benchmark.cc:60:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(*big_string)[r % (big_string->size() - phrase.size())], data/abseil-0~20200923.2/absl/strings/str_replace_benchmark.cc:70:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(*after_replacing_the)[pos], "box", 3); data/abseil-0~20200923.2/absl/strings/string_view.cc:31:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fill_buf[32]; data/abseil-0~20200923.2/absl/strings/string_view_test.cc:310:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[absl::string_view::npos & 1] = {0}; data/abseil-0~20200923.2/absl/strings/string_view_test.cc:358:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4] = { '%', '%', '%', '%' }; data/abseil-0~20200923.2/absl/strings/substitute.h:184:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratch_[numbers_internal::kFastToBufferSize]; data/abseil-0~20200923.2/absl/strings/substitute_test.cc:87:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_buf[16]; data/abseil-0~20200923.2/absl/synchronization/internal/graphcycles_test.cc:398:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20]; data/abseil-0~20200923.2/absl/synchronization/internal/waiter.h:145:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(void*) unsigned char mu_storage_[sizeof(void*)]; data/abseil-0~20200923.2/absl/synchronization/internal/waiter.h:146:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. alignas(void*) unsigned char cv_storage_[sizeof(void*)]; data/abseil-0~20200923.2/absl/synchronization/mutex.cc:304:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1]; // actually longer---NUL-terminated string data/abseil-0~20200923.2/absl/synchronization/mutex.cc:419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ABSL_ARRAYSIZE(pcs) * 24]; data/abseil-0~20200923.2/absl/synchronization/mutex.cc:1264:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sym[kSymLen]; data/abseil-0~20200923.2/absl/synchronization/mutex.cc:1294:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[6100]; data/abseil-0~20200923.2/absl/synchronization/mutex_test.cc:1040:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAX_PATH]; data/abseil-0~20200923.2/absl/time/duration.cc:727:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof("2562047788015216")]; // hours in max duration data/abseil-0~20200923.2/absl/time/duration.cc:741:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[kBufferSize]; // also large enough to hold integer part data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_fixed.cc:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[prefix_len + sizeof("-24:00:00")]; data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_format.cc:341:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[3 + kDigits10_64]; // enough for longest conversion data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_info.cc:586:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen(path, mode); // TODO: Enable the close-on-exec flag. data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_info.cc:682:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hbuf[24]; // covers header.zonetab_offset too data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_info.cc:692:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[52]; // covers entry.unused too data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_lookup.cc:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sysprop[PROP_VALUE_MAX]; data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_magic[4]; /* TZ_MAGIC */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_version[1]; /* '\0' or '2' or '3' as of 2013 */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_reserved[15]; /* reserved; must be zero */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_ttisutcnt[4]; /* coded number of trans. time flags */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_ttisstdcnt[4]; /* coded number of trans. time flags */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_leapcnt[4]; /* coded number of leap seconds */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_timecnt[4]; /* coded number of transition times */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:52:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_typecnt[4]; /* coded number of local time types */ data/abseil-0~20200923.2/absl/time/internal/cctz/src/tzfile.h:53:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tzh_charcnt[4]; /* coded number of abbr. chars */ data/abseil-0~20200923.2/absl/time/internal/test_util.cc:91:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, data_, len); data/abseil-0~20200923.2/absl/types/span_test.cc:823:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bytes[10000]; data/abseil-0~20200923.2/absl/algorithm/algorithm.h:74:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. std::equal(first1, last1, first2); data/abseil-0~20200923.2/absl/algorithm/container.h:405:16: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. std::equal(container_algorithm_internal::c_begin(c1), data/abseil-0~20200923.2/absl/algorithm/container.h:431:15: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. std::is_permutation(begin(c1), end(c1), begin(c2)); data/abseil-0~20200923.2/absl/algorithm/equal_benchmark.cc:54:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. const bool same = std::equal(xs.begin(), xs.end(), ys.begin()); data/abseil-0~20200923.2/absl/base/internal/raw_logging.cc:169:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). absl::raw_logging_internal::SafeWriteToStderr(buffer, strlen(buffer)); data/abseil-0~20200923.2/absl/base/internal/sysinfo.cc:129:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int len = read(fd, line, sizeof(line) - 1); data/abseil-0~20200923.2/absl/container/btree_benchmark.cc:592:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return std::equal(values.begin(), values.begin() + std::min(Size, Copies), data/abseil-0~20200923.2/absl/container/btree_test.cc:2125:52: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. : a == b ? absl::strong_ordering::equal data/abseil-0~20200923.2/absl/container/internal/btree_container.h:167:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return std::equal(x.begin(), x.end(), y.begin()); data/abseil-0~20200923.2/absl/container/internal/layout_test.cc:1523:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t size = strlen(s); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:62:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:63:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:65:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:76:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:78:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:80:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:177:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:182:58: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(values.begin(), values.end(), 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:184:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:241:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:243:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:262:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:264:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:285:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:287:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:307:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:309:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:333:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:335:36: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(values, 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:337:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:392:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:395:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m({gen(), gen(), gen()}, 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:412:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_map_constructor_test.h:415:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m({gen(), gen(), gen()}, 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:64:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:65:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:67:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:78:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:80:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:82:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:90:26: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(cm.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:187:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:192:58: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(values.begin(), values.end(), 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:194:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:251:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:253:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:260:34: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_NE(TypeParam(0, hasher, equal, alloc), n); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:273:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:275:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:296:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:298:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:318:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:320:28: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:344:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:346:36: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m(values, 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:348:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_EQ(m.key_eq(), equal); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:403:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:406:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m({gen(), gen(), gen()}, 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:423:5: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. E equal; data/abseil-0~20200923.2/absl/container/internal/unordered_set_constructor_test.h:426:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. TypeParam m({gen(), gen(), gen()}, 123, hasher, equal, alloc); data/abseil-0~20200923.2/absl/debugging/failure_signal_handler.cc:219:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). absl::raw_logging_internal::SafeWriteToStderr(data, strlen(data)); data/abseil-0~20200923.2/absl/debugging/failure_signal_handler_test.cc:66:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ABSL_RAW_CHECK(fwrite(msg, strlen(msg), 1, error_file) == 1, data/abseil-0~20200923.2/absl/debugging/internal/address_is_readable.cc:121:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(read_fd, &c, 1) == -1 && errno == EINTR) { data/abseil-0~20200923.2/absl/debugging/internal/vdso_support.cc:87:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(fd, &aux, sizeof(aux)) == sizeof(aux)) { data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:136:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(try_symbolize_buffer, heap_buffer.get(), data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:169:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kNonStaticFunc) + 1)); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:172:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kNonStaticFunc) + 0)); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:175:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kNonStaticFunc) - 1)); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:358:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(args->symbol_buf, message->c_str(), data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:359:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args->symbol_buf_size - strlen(args->symbol_buf) - 1); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:499:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kNonStaticFunc) + 1)); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:502:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kNonStaticFunc) + 0)); data/abseil-0~20200923.2/absl/debugging/symbolize_test.cc:505:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kNonStaticFunc) - 1)); data/abseil-0~20200923.2/absl/random/internal/iostream_state_saver.h:186:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline absl::uint128 read(IStream& in) { data/abseil-0~20200923.2/absl/random/internal/iostream_state_saver.h:205:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). inline __uint128_t read(IStream& in) { data/abseil-0~20200923.2/absl/random/internal/pcg_engine.h:142:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto mult = helper.read(is); data/abseil-0~20200923.2/absl/random/internal/pcg_engine.h:143:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto inc = helper.read(is); data/abseil-0~20200923.2/absl/random/internal/pcg_engine.h:144:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). auto tmp = helper.read(is); data/abseil-0~20200923.2/absl/random/internal/randen_engine.h:165:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. std::equal(std::begin(state_), std::end(state_), data/abseil-0~20200923.2/absl/random/internal/seed_material.cc:139:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int bytes_read = read(dev_urandom, buffer, buffer_size); data/abseil-0~20200923.2/absl/strings/ascii_test.cc:206:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). std::transform(mutable_buf, mutable_buf + strlen(mutable_buf), data/abseil-0~20200923.2/absl/strings/ascii_test.cc:222:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). std::transform(mutable_buf, mutable_buf + strlen(mutable_buf), data/abseil-0~20200923.2/absl/strings/charconv_benchmark.cc:36:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* pi_end = pi + strlen(pi); data/abseil-0~20200923.2/absl/strings/charconv_benchmark.cc:57:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* pi_end = pi + strlen(pi); data/abseil-0~20200923.2/absl/strings/charconv_benchmark.cc:78:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* numstr_end = numstr + strlen(numstr); data/abseil-0~20200923.2/absl/strings/charconv_benchmark.cc:99:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char* numstr_end = numstr + strlen(numstr); data/abseil-0~20200923.2/absl/strings/internal/memutil.h:121:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return int_memmatch<true>(phaystack, haylen, pneedle, strlen(pneedle)); data/abseil-0~20200923.2/absl/strings/internal/memutil.h:126:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return int_memmatch<false>(phaystack, haylen, pneedle, strlen(pneedle)); data/abseil-0~20200923.2/absl/strings/internal/str_format/arg.cc:361:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = std::strlen(v); data/abseil-0~20200923.2/absl/strings/internal/str_format/bind_test.cc:16:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return ConsumeUnboundConversion(s, s + strlen(s), props, next) == data/abseil-0~20200923.2/absl/strings/internal/str_format/bind_test.cc:17:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s + strlen(s); data/abseil-0~20200923.2/absl/strings/internal/str_format/parser_test.cc:80:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return ConsumeUnboundConversion(fmt, fmt + strlen(fmt), &o, &next) == data/abseil-0~20200923.2/absl/strings/internal/str_format/parser_test.cc:81:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt + strlen(fmt); data/abseil-0~20200923.2/absl/strings/numbers_test.cc:750:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). safe_strtou32_base(absl::string_view(tmp.data(), strlen(e.str)), data/abseil-0~20200923.2/absl/strings/numbers_test.cc:780:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). safe_strtou64_base(absl::string_view(tmp.data(), strlen(e.str)), data/abseil-0~20200923.2/absl/strings/str_replace_benchmark.cc:87:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). after_replacing_many->replace(next_pos, strlen(needle_string), data/abseil-0~20200923.2/absl/strings/str_replace_benchmark.cc:89:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). next_pos += strlen(replacement_string); data/abseil-0~20200923.2/absl/strings/string_view.h:546:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return str ? strlen(str) : 0; data/abseil-0~20200923.2/absl/strings/string_view_test.cc:129:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s1.remove_prefix(strlen("BUNGIE-JUM")); data/abseil-0~20200923.2/absl/strings/string_view_test.cc:132:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s2.remove_prefix(strlen("SLEE")); data/abseil-0~20200923.2/absl/strings/string_view_test.cc:710:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int utf8_len = strlen(utf8.data()); data/abseil-0~20200923.2/absl/strings/string_view_test.cc:942:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). EXPECT_EQ(strlen(kHi), s.size()); data/abseil-0~20200923.2/absl/strings/string_view_test.cc:961:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). EXPECT_EQ(strlen(kHi), s.size()); data/abseil-0~20200923.2/absl/strings/substitute_test.cc:88:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(char_buf, "print me too", sizeof(char_buf)); data/abseil-0~20200923.2/absl/synchronization/mutex.cc:329:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t l = strlen(name); data/abseil-0~20200923.2/absl/synchronization/mutex.cc:1277:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(&buf[len]); data/abseil-0~20200923.2/absl/synchronization/mutex.cc:1365:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += static_cast<int>(strlen(&b->buf[len])); data/abseil-0~20200923.2/absl/synchronization/mutex.cc:1381:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). StackString(stack, depth, b->buf + strlen(b->buf), data/abseil-0~20200923.2/absl/synchronization/mutex.cc:1382:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). static_cast<int>(sizeof(b->buf) - strlen(b->buf)), data/abseil-0~20200923.2/absl/time/format.cc:114:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). {kInfiniteFutureStr, strlen(kInfiniteFutureStr), InfiniteFuture()}, data/abseil-0~20200923.2/absl/time/format.cc:115:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). {kInfinitePastStr, strlen(kInfinitePastStr), InfinitePast()}, data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_fixed.cc:65:13: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!std::equal(kFixedZonePrefix, ep, name.begin())) return false; data/abseil-0~20200923.2/absl/time/internal/cctz/src/time_zone_format.cc:66:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (input.eof() ? strlen(s) : static_cast<std::size_t>(input.tellg())); data/abseil-0~20200923.2/absl/types/compare.h:74:16: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. equivalent = equal, data/abseil-0~20200923.2/absl/types/compare.h:123:38: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_BASECLASS_DECL(equal); data/abseil-0~20200923.2/absl/types/compare.h:147:38: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_BASECLASS_DECL(equal); data/abseil-0~20200923.2/absl/types/compare.h:205:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_SUBCLASS_DECL(strong_equality, equal); data/abseil-0~20200923.2/absl/types/compare.h:244:43: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_INIT(strong_equality, equal, compare_internal::eq::equal); data/abseil-0~20200923.2/absl/types/compare.h:244:72: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_INIT(strong_equality, equal, compare_internal::eq::equal); data/abseil-0~20200923.2/absl/types/compare.h:447:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_SUBCLASS_DECL(strong_ordering, equal); data/abseil-0~20200923.2/absl/types/compare.h:457:43: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return value_ == 0 ? strong_equality::equal : strong_equality::nonequal; data/abseil-0~20200923.2/absl/types/compare.h:531:43: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_INIT(strong_ordering, equal, compare_internal::eq::equal); data/abseil-0~20200923.2/absl/types/compare.h:531:72: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. ABSL_COMPARE_INLINE_INIT(strong_ordering, equal, compare_internal::eq::equal); data/abseil-0~20200923.2/absl/types/compare_test.cc:47:46: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_TRUE(Identity(0 == strong_equality::equal)); data/abseil-0~20200923.2/absl/types/compare_test.cc:54:54: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. const strong_equality values[] = {strong_equality::equal, data/abseil-0~20200923.2/absl/types/compare_test.cc:63:72: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_TRUE(Identity(strong_equality::equivalent == strong_equality::equal)); data/abseil-0~20200923.2/absl/types/compare_test.cc:129:46: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_TRUE(Identity(0 == strong_ordering::equal)); data/abseil-0~20200923.2/absl/types/compare_test.cc:137:47: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. strong_ordering::less, strong_ordering::equal, strong_ordering::greater}; data/abseil-0~20200923.2/absl/types/compare_test.cc:145:72: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. EXPECT_TRUE(Identity(strong_ordering::equivalent == strong_ordering::equal)); data/abseil-0~20200923.2/absl/types/compare_test.cc:150:62: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. Identity(implicit_cast<weak_equality>(strong_equality::equal) == 0)); data/abseil-0~20200923.2/absl/types/compare_test.cc:191:62: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. Identity(implicit_cast<weak_equality>(strong_ordering::equal) == 0)); data/abseil-0~20200923.2/absl/types/compare_test.cc:200:64: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. Identity(implicit_cast<strong_equality>(strong_ordering::equal) == 0)); data/abseil-0~20200923.2/absl/types/compare_test.cc:213:65: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. Identity(implicit_cast<partial_ordering>(strong_ordering::equal) == 0)); data/abseil-0~20200923.2/absl/types/compare_test.cc:230:62: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. Identity(implicit_cast<weak_ordering>(strong_ordering::equal) == 0)); data/abseil-0~20200923.2/absl/types/variant_test.cc:1802:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int operator()(const char* s) const { return strlen(s); } ANALYSIS SUMMARY: Hits = 738 Lines analyzed = 194069 in approximately 4.17 seconds (46585 lines/second) Physical Source Lines of Code (SLOC) = 128353 Hits@level = [0] 83 [1] 135 [2] 295 [3] 44 [4] 264 [5] 0 Hits@level+ = [0+] 821 [1+] 738 [2+] 603 [3+] 308 [4+] 264 [5+] 0 Hits/KSLOC@level+ = [0+] 6.39642 [1+] 5.74977 [2+] 4.69798 [3+] 2.39963 [4+] 2.05683 [5+] 0 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.