Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

Examining data/atlc-4.6.1/tests/Test_threads_b.c
Examining data/atlc-4.6.1/tests/try_linux.c
Examining data/atlc-4.6.1/tests/try_portable.c
Examining data/atlc-4.6.1/tests/try_solaris.c
Examining data/atlc-4.6.1/tests/try_aix.c
Examining data/atlc-4.6.1/tests/Test_threads_a.c
Examining data/atlc-4.6.1/tests/sysdata.c
Examining data/atlc-4.6.1/tests/defs.h
Examining data/atlc-4.6.1/tests/try_bsd.c
Examining data/atlc-4.6.1/tests/try_hpux.c
Examining data/atlc-4.6.1/tests/try_irix.c
Examining data/atlc-4.6.1/tests/try_tru64.c
Examining data/atlc-4.6.1/tests/MPI_16a_PI.c
Examining data/atlc-4.6.1/tests/try_unicos.c
Examining data/atlc-4.6.1/tests/benchmark.c
Examining data/atlc-4.6.1/src/finite_difference_mpi.c
Examining data/atlc-4.6.1/src/Erdata.h
Examining data/atlc-4.6.1/src/check_for_shorts.c
Examining data/atlc-4.6.1/src/bmp.h
Examining data/atlc-4.6.1/src/fill_image_vector_for_create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/check_error.c
Examining data/atlc-4.6.1/src/create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/write_bitmap.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/print_copyright.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_rect_in_rect.c
Examining data/atlc-4.6.1/src/calculate_impedance_for_create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_cen_in_rect.c
Examining data/atlc-4.6.1/src/fill_circ_in_circ.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_circ_in_circ.c
Examining data/atlc-4.6.1/src/find_energy_per_metre.c
Examining data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c
Examining data/atlc-4.6.1/src/definitions.h
Examining data/atlc-4.6.1/src/find_electric_fields.c
Examining data/atlc-4.6.1/src/fill_rect_in_rect.c
Examining data/atlc-4.6.1/src/read_bitmap_file_headers.c
Examining data/atlc-4.6.1/src/memory.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_in_rect.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_circ_in_rect_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/set_oddity_from_Greens_paper.c
Examining data/atlc-4.6.1/src/write_bitmap_out.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_circ_in_circ.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_circ_in_circ_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/atlc.c
Examining data/atlc-4.6.1/src/find_maximum_values.c
Examining data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c
Examining data/atlc-4.6.1/src/align_bitmap_image.c
Examining data/atlc-4.6.1/src/design_coupler.c
Examining data/atlc-4.6.1/src/usage_create_any_bitmap.c
Examining data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/check_parameters_for_find_optimal_dimensions_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/calculate_integer_values.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect_coupler.c
Examining data/atlc-4.6.1/src/finite_difference_multi_threaded.c
Examining data/atlc-4.6.1/src/create_bmp_for_stripline_coupler.c
Examining data/atlc-4.6.1/src/usage_atlc.c
Examining data/atlc-4.6.1/src/finite_difference_single_threaded.c
Examining data/atlc-4.6.1/src/readbin.c
Examining data/atlc-4.6.1/src/exit_with_msg_and_exit_code.c
Examining data/atlc-4.6.1/src/set_data_to_sensible_starting_values.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_in_rect.c
Examining data/atlc-4.6.1/src/exit_codes.h
Examining data/atlc-4.6.1/src/update_voltage_array.c
Examining data/atlc-4.6.1/src/write_fields_for_directional_couplers.c
Examining data/atlc-4.6.1/src/usage_find_optimal_dimensions_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_circ_in_rect.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_rect_in_circ_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c
Examining data/atlc-4.6.1/src/create_any_bitmap.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_rect_in_rect_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_in_circ.c
Examining data/atlc-4.6.1/src/gsl_types.h
Examining data/atlc-4.6.1/src/fill_rect_in_circ.c
Examining data/atlc-4.6.1/src/calculate_colour_data.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_stripline_coupler.c
Examining data/atlc-4.6.1/src/give_examples_of_using_design_coupler.c
Examining data/atlc-4.6.1/src/write_fields_for_two_conductor_lines.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_circ_in_rect.c
Examining data/atlc-4.6.1/src/fill_circ_in_rect.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_rect_in_circ.c
Examining data/atlc-4.6.1/src/setup_arrays.c
Examining data/atlc-4.6.1/src/usage_readbin.c
Examining data/atlc-4.6.1/src/fill_make_coupler.c
Examining data/atlc-4.6.1/src/get_Er1_and_Er2_colours.c
Examining data/atlc-4.6.1/src/usage_create_bmp_for_rect_cen_in_rect_coupler.c
Examining data/atlc-4.6.1/src/calculate_Zodd_and_Zeven.c
Examining data/atlc-4.6.1/src/create_bmp_for_rect_in_circ.c
Examining data/atlc-4.6.1/src/check_parameters_of_create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/gsl_definitions.h
Examining data/atlc-4.6.1/src/check_for_boundaries.c
Examining data/atlc-4.6.1/src/elliptic_integral.c
Examining data/atlc-4.6.1/src/fill_image_vector_for_create_bmp_for_microstrip_coupler.c
Examining data/atlc-4.6.1/src/print_data_for_two_conductor_lines.c
Examining data/atlc-4.6.1/src/print_data_for_directional_couplers.c
Examining data/atlc-4.6.1/src/get_options.c
Examining data/atlc-4.6.1/src/usage_design_coupler.c
Examining data/atlc-4.6.1/src/convert_create_bmp_for_coupled_microstrip_dimensions_to_integers.c
Examining data/atlc-4.6.1/src/do_fd_calculation.c
Examining data/atlc-4.6.1/src/create_bmp_for_circ_in_rect.c
Examining data/atlc-4.6.1/src/gsl_sf_ellint_Kcomp.c
Examining data/atlc-4.6.1/src/byteswap.c
Examining data/atlc-4.6.1/src/swap_conductor_voltages.c
Examining data/atlc-4.6.1/docs/qex-december-1996/ATLC.C
Examining data/atlc-4.6.1/tools/src/coax.c
Examining data/atlc-4.6.1/tools/src/mymd5sum.c
Examining data/atlc-4.6.1/tools/src/get_options.c
Examining data/atlc-4.6.1/tools/src/md5.h
Examining data/atlc-4.6.1/tools/src/dualcoax.c
Examining data/atlc-4.6.1/tools/src/myfilelength.c
Examining data/atlc-4.6.1/tools/src/locatediff.c
Examining data/atlc-4.6.1/tools/src/usage_coax.c

FINAL RESULTS:

data/atlc-4.6.1/src/atlc.c:139:14: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(output_prefix,my_optarg);
data/atlc-4.6.1/src/atlc.c:194:12: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(inputfile_name, argv[my_optind]);
data/atlc-4.6.1/src/atlc.c:195:12: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(outputfile_name, output_prefix);
data/atlc-4.6.1/src/atlc.c:196:12: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(output_prefix,inputfile_name);
data/atlc-4.6.1/src/atlc.c:197:12: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(outputfile_name,output_prefix);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:109:12: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(outfile_name, argv[my_optind+6]);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:115:25: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if( (exit_code=pclose(popen("rm 1.txt 1.bmp","w"))) != 0)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:126:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd,"create_bmp_for_microstrip_coupler %f %f %f %f %f %f %f %s\n",w, s, g, h, t, Er1, Er2,temporary_bmp_file);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:127:24: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if( (exit_code=pclose(popen(cmd,"w"))) != 0)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:132:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd,"atlc -S -s %s > %s\n", temporary_bmp_file, temporary_txt_file);
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:133:19: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  exit_code=pclose(popen(cmd,"w"));
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:134:24: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if( (exit_code=pclose(popen(cmd,"w"))) != 0)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:141:2: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  fscanf(fp,"%s %d %s %lf %s %lf %s %lf %s %lf %s %lf %s %lf %s %lf",null,&x,null,&Er_odd,null,&Er_even, null, &Zodd,null,&Zeven,null,&Zo, null, &Zdiff,null,&Zcomm);
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:55:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(temp,basename);
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:56:10: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(temp,extension);
data/atlc-4.6.1/tests/benchmark.c:139:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,"%s -s -S -t0 %s > /dev/null 2> /dev/null \n", argv[1], argv[2]);
data/atlc-4.6.1/tests/benchmark.c:141:10: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  pclose(popen(str, "w"));
data/atlc-4.6.1/tests/benchmark.c:149:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,"%s -s -S %s > /dev/null\n", argv[1], argv[2]);
data/atlc-4.6.1/tests/benchmark.c:151:10: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  pclose(popen(str, "w"));
data/atlc-4.6.1/tests/try_portable.c:98:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->sysname,operating_system.sysname);
data/atlc-4.6.1/tests/try_portable.c:107:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->nodename,operating_system.nodename);
data/atlc-4.6.1/tests/try_portable.c:116:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->release,operating_system.release);
data/atlc-4.6.1/tests/try_portable.c:125:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->version,operating_system.version);
data/atlc-4.6.1/tests/try_portable.c:133:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->machine,operating_system.machine);
data/atlc-4.6.1/tests/try_solaris.c:100:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->cpu_type,infop.pi_processor_type);
data/atlc-4.6.1/tests/try_solaris.c:101:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->fpu_type,infop.pi_fputypes);
data/atlc-4.6.1/tests/try_unicos.c:69:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data->hw_platform,mftype[sysconf(_SC_CRAY_MFTYPE)] );
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:17:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  W=atoi(argv[1]); /* Read shield width (in grid points) from command line. */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:18:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  H=atoi(argv[2]); /* Read shield height (in grid points) from command line. */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:19:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w=atoi(argv[3]); /* Read strip width (in grid points) from command line. */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:20:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  h=atoi(argv[4]); /* Read strip height (in grid points) from command line. */
data/atlc-4.6.1/docs/qex-december-1996/ATLC.C:21:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  t=atoi(argv[5]); /* Read strip thickness (in grid points) from command line. */
data/atlc-4.6.1/src/atlc.c:152:25: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  number_of_workers=atol(my_optarg);
data/atlc-4.6.1/src/atlc.c:235:26: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( (image_data_fp=fopen(inputfile_name, "rb")) == NULL)
data/atlc-4.6.1/src/bmp.h:27:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zzMagic[2]; /* 00 "BM" */
data/atlc-4.6.1/src/byteswap.c:40:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[8],c[8];
data/atlc-4.6.1/src/byteswap.c:41:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(b,a,8);
data/atlc-4.6.1/src/byteswap.c:50:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(a,c,8);
data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c:84:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c:106:26: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( (image_data_fp=fopen(filename,"wb")) == NULL)
data/atlc-4.6.1/src/create_bmp_for_circ_in_rect.c:73:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_circ_in_rect.c:89:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((image_data_fp=fopen(argv[my_optind+6],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_microstrip_coupler.c:58:20: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pcb.bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_microstrip_coupler.c:92:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  image_data_fp=fopen(argv[my_optind+7],"wb");
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect.c:68:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect.c:83:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((image_data_fp=fopen(argv[my_optind+5],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect_coupler.c:41:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_rect_cen_in_rect_coupler.c:57:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((image_data_fp=fopen(argv[my_optind+5],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_rect_in_circ.c:62:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_rect_in_circ.c:67:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((image_data_fp=fopen(my_optarg,"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_rect_in_rect.c:71:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_rect_in_rect.c:91:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((image_data_fp=fopen(argv[my_optind+10],"wb"))==NULL)
data/atlc-4.6.1/src/create_bmp_for_stripline_coupler.c:66:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bmp_size=atol(my_optarg);
data/atlc-4.6.1/src/create_bmp_for_stripline_coupler.c:93:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( (image_data_fp=fopen(argv[my_optind+4],"wb")) ==NULL)
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:81:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  W=atoi(argv[my_optind]);
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:82:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  H=atoi(argv[my_optind+1])+2*BORDER;
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:89:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  w=atoi(argv[my_optind+2]);
data/atlc-4.6.1/src/create_bmp_for_symmetrical_stripline.c:103:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fp=fopen(argv[my_optind+3],"wb")) == NULL)
data/atlc-4.6.1/src/definitions.h:266:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char zzMagic[2]; /* 00 "BM" */
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:113:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(temporary_bmp_file,"1.bmp");
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:114:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(temporary_txt_file,"1.txt");
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:139:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp=fopen(temporary_txt_file,"r")) ==NULL)
data/atlc-4.6.1/src/find_optimal_dimensions_for_microstrip_coupler.c:153:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp_best=fopen(outfile_name,"a")) == NULL)
data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:57:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fp=fopen(temp,"w+b"))==NULL)
data/atlc-4.6.1/src/get_options.c:74:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[2];
data/atlc-4.6.1/src/read_bitmap_file_headers.c:71:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp=fopen(filename,"rb");
data/atlc-4.6.1/src/readbin.c:60:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp=fopen(argv[my_optind],"rb");
data/atlc-4.6.1/tests/MPI_16a_PI.c:52:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char processor_name[MPI_MAX_PROCESSOR_NAME];
data/atlc-4.6.1/tests/benchmark.c:67:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.eff,"unknown");
data/atlc-4.6.1/tests/benchmark.c:69:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.eff,"N/A");
data/atlc-4.6.1/tests/benchmark.c:72:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.mhz,"unknown");
data/atlc-4.6.1/tests/benchmark.c:73:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.cpu_type,"unknown");
data/atlc-4.6.1/tests/benchmark.c:74:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.fpu_type,"unknown");
data/atlc-4.6.1/tests/benchmark.c:75:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.max_cpus,"unknown");
data/atlc-4.6.1/tests/benchmark.c:76:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.cpus,"unknown");
data/atlc-4.6.1/tests/benchmark.c:77:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy((char *) data.sysname,"unknown");
data/atlc-4.6.1/tests/benchmark.c:78:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy((char *) data.nodename,"unknown"); data/atlc-4.6.1/tests/benchmark.c:79:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.release,"unknown"); data/atlc-4.6.1/tests/benchmark.c:80:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.version,"unknown"); data/atlc-4.6.1/tests/benchmark.c:81:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.machine,"unknown"); data/atlc-4.6.1/tests/benchmark.c:82:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.hw_provider,"unknown"); data/atlc-4.6.1/tests/benchmark.c:83:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.hw_platform,"unknown"); data/atlc-4.6.1/tests/benchmark.c:84:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy((char *) data.speedup,"N/A "); data/atlc-4.6.1/tests/benchmark.c:85:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.t2,"N/A "); data/atlc-4.6.1/tests/benchmark.c:86:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.L1data,"unknown"); data/atlc-4.6.1/tests/benchmark.c:87:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.L1instruction,"unknown"); data/atlc-4.6.1/tests/benchmark.c:88:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.L2,"unknown"); data/atlc-4.6.1/tests/benchmark.c:125:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp=fopen(argv[1],"rb")) == NULL) data/atlc-4.6.1/tests/benchmark.c:130:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((fp=fopen(argv[2],"rb")) == NULL) data/atlc-4.6.1/tests/benchmark.c:143:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data.t1,"%d",(int) (finished1-start1)); data/atlc-4.6.1/tests/benchmark.c:153:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data.t2,"%d",(int) (finished2-start2)); data/atlc-4.6.1/tests/benchmark.c:154:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data.speedup,"%.3f\n",atof(data.t1)/atof(data.t2)); /* other N/A */ data/atlc-4.6.1/tests/benchmark.c:162:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(data.cpus) != 0) data/atlc-4.6.1/tests/benchmark.c:163:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data.eff,"%.3f",atof(data.speedup)/atoi(data.cpus)); /* otherwise unknown */ data/atlc-4.6.1/tests/benchmark.c:163:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
sprintf(data.eff,"%.3f",atof(data.speedup)/atoi(data.cpus)); /* otherwise unknown */ data/atlc-4.6.1/tests/defs.h:43:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mhz[MAX_SIZE]; /* Speed in MHz. Note its a string */ data/atlc-4.6.1/tests/defs.h:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cpus[MAX_SIZE]; /* Number of CPUs running */ data/atlc-4.6.1/tests/defs.h:45:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char max_cpus[MAX_SIZE]; /* Maximum number of CPUs support by system */ data/atlc-4.6.1/tests/defs.h:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sysname[MAX_SIZE]; /* System name - got by uname */ data/atlc-4.6.1/tests/defs.h:47:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char nodename[MAX_SIZE]; /* nodename - got via uname */ data/atlc-4.6.1/tests/defs.h:48:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char release[MAX_SIZE]; /* Got via uname, but often wrong */ data/atlc-4.6.1/tests/defs.h:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[MAX_SIZE]; /* Version of the OS. Sometimes wrong. */ data/atlc-4.6.1/tests/defs.h:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char machine[MAX_SIZE]; /* Machine name */ data/atlc-4.6.1/tests/defs.h:51:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cpu_type[MAX_SIZE*3]; /* The CPU type */ data/atlc-4.6.1/tests/defs.h:52:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fpu_type[MAX_SIZE*3]; /* The FPU type */ data/atlc-4.6.1/tests/defs.h:53:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memory[MAX_SIZE]; /* The memory in Mb */ data/atlc-4.6.1/tests/defs.h:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hw_provider[MAX_SIZE]; /* The hardware provider - Sun, IBM etc */ data/atlc-4.6.1/tests/defs.h:55:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hw_platform[MAX_SIZE]; /* The hardware platform - eg sun4u */ data/atlc-4.6.1/tests/defs.h:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char t1[MAX_SIZE]; /* Time in s to run benchmark single threaded */ data/atlc-4.6.1/tests/defs.h:57:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char t2[MAX_SIZE]; /* Time in s to run benchmark multi threaded */ data/atlc-4.6.1/tests/defs.h:58:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char speedup[MAX_SIZE]; /* t1/t2 */ data/atlc-4.6.1/tests/defs.h:59:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char eff[MAX_SIZE]; /* The efficiency - t1/(t2*cpus) */ data/atlc-4.6.1/tests/defs.h:60:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char L1data[MAX_SIZE]; /* Size of level 1 data cache in kb */ data/atlc-4.6.1/tests/defs.h:61:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char L1instruction[MAX_SIZE]; /* Size of level 1 instuction cache in kb */ data/atlc-4.6.1/tests/defs.h:62:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char L2[MAX_SIZE]; /* Size of L2 cache */ data/atlc-4.6.1/tests/sysdata.c:59:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.mhz,"unknown"); data/atlc-4.6.1/tests/sysdata.c:60:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.cpu_type,"unknown"); data/atlc-4.6.1/tests/sysdata.c:61:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.fpu_type,"unknown"); data/atlc-4.6.1/tests/sysdata.c:62:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.max_cpus,"unknown"); data/atlc-4.6.1/tests/sysdata.c:63:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.cpus,"unknown"); data/atlc-4.6.1/tests/sysdata.c:64:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.memory,"unknown"); data/atlc-4.6.1/tests/sysdata.c:65:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.sysname,"unknown"); data/atlc-4.6.1/tests/sysdata.c:66:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.nodename,"unknown"); data/atlc-4.6.1/tests/sysdata.c:67:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.release,"unknown"); data/atlc-4.6.1/tests/sysdata.c:68:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.version,"unknown"); data/atlc-4.6.1/tests/sysdata.c:69:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.machine,"unknown"); data/atlc-4.6.1/tests/sysdata.c:70:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.hw_provider,"unknown"); data/atlc-4.6.1/tests/sysdata.c:71:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.hw_platform,"unknown"); data/atlc-4.6.1/tests/sysdata.c:72:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.L1data,"unknown"); data/atlc-4.6.1/tests/sysdata.c:73:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.L1instruction,"unknown"); data/atlc-4.6.1/tests/sysdata.c:74:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *) data.L2,"unknown"); data/atlc-4.6.1/tests/try_aix.c:57:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_provider,"IBM"); data/atlc-4.6.1/tests/try_aix.c:62:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7015-930"); data/atlc-4.6.1/tests/try_aix.c:63:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"25"); data/atlc-4.6.1/tests/try_aix.c:64:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:69:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7015-930_or_7016-730"); data/atlc-4.6.1/tests/try_aix.c:70:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"25"); data/atlc-4.6.1/tests/try_aix.c:71:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:75:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7013-540"); data/atlc-4.6.1/tests/try_aix.c:76:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"30"); data/atlc-4.6.1/tests/try_aix.c:77:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:81:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7013-540"); data/atlc-4.6.1/tests/try_aix.c:82:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"30"); data/atlc-4.6.1/tests/try_aix.c:83:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:87:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7013-53H"); data/atlc-4.6.1/tests/try_aix.c:88:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"33"); data/atlc-4.6.1/tests/try_aix.c:89:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:93:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7013-550"); data/atlc-4.6.1/tests/try_aix.c:94:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"41.6"); data/atlc-4.6.1/tests/try_aix.c:95:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:99:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7015-930"); data/atlc-4.6.1/tests/try_aix.c:100:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"25"); data/atlc-4.6.1/tests/try_aix.c:101:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:105:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7015-950"); data/atlc-4.6.1/tests/try_aix.c:106:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"41"); data/atlc-4.6.1/tests/try_aix.c:107:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:111:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7013-520"); data/atlc-4.6.1/tests/try_aix.c:112:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"20"); data/atlc-4.6.1/tests/try_aix.c:113:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:117:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7012-320"); data/atlc-4.6.1/tests/try_aix.c:118:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"20"); data/atlc-4.6.1/tests/try_aix.c:119:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:123:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7013-52H"); data/atlc-4.6.1/tests/try_aix.c:124:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"25"); data/atlc-4.6.1/tests/try_aix.c:125:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:129:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7012-32H"); data/atlc-4.6.1/tests/try_aix.c:130:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"25"); data/atlc-4.6.1/tests/try_aix.c:131:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:135:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7012-340"); data/atlc-4.6.1/tests/try_aix.c:136:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"33"); data/atlc-4.6.1/tests/try_aix.c:137:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:141:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7012-350"); data/atlc-4.6.1/tests/try_aix.c:142:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"41"); data/atlc-4.6.1/tests/try_aix.c:143:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:147:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7011-220"); data/atlc-4.6.1/tests/try_aix.c:148:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"33"); data/atlc-4.6.1/tests/try_aix.c:149:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"RSC"); data/atlc-4.6.1/tests/try_aix.c:153:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7008-M20_or_7008-M2A"); data/atlc-4.6.1/tests/try_aix.c:154:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"33"); data/atlc-4.6.1/tests/try_aix.c:155:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power"); data/atlc-4.6.1/tests/try_aix.c:159:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7011-250"); data/atlc-4.6.1/tests/try_aix.c:160:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"66"); data/atlc-4.6.1/tests/try_aix.c:161:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"PowerPC"); data/atlc-4.6.1/tests/try_aix.c:165:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7011-230"); data/atlc-4.6.1/tests/try_aix.c:166:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"45"); data/atlc-4.6.1/tests/try_aix.c:167:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"RSC"); data/atlc-4.6.1/tests/try_aix.c:171:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7009-C10"); data/atlc-4.6.1/tests/try_aix.c:172:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"80"); data/atlc-4.6.1/tests/try_aix.c:173:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"PowerPC"); data/atlc-4.6.1/tests/try_aix.c:177:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"9076-SP2_Thin_or_9076-SP2_Thin"); data/atlc-4.6.1/tests/try_aix.c:178:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"67"); data/atlc-4.6.1/tests/try_aix.c:179:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power2"); data/atlc-4.6.1/tests/try_aix.c:183:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"7012-380_or_7030-3AT"); data/atlc-4.6.1/tests/try_aix.c:184:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"59"); data/atlc-4.6.1/tests/try_aix.c:185:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(data->cpu_type,"Power2"); data/atlc-4.6.1/tests/try_aix.c:189:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_platform,"9076-SP2_Thin_w-L2"); data/atlc-4.6.1/tests/try_aix.c:190:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->mhz,"67"); data/atlc-4.6.1/tests/try_aix.c:191:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->cpu_type,"Power2"); data/atlc-4.6.1/tests/try_aix.c:195:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->memory,"%ld",sysconf(_SC_AIX_REALMEM)/1024); data/atlc-4.6.1/tests/try_bsd.c:87:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpus,"%d ", cpus); data/atlc-4.6.1/tests/try_bsd.c:101:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->memory,"%d", ram/(1024*1024)); data/atlc-4.6.1/tests/try_hpux.c:93:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(data->max_cpus,"%ld",max_CPUs); data/atlc-4.6.1/tests/try_hpux.c:98:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpus,"%ld",CPUs_online); data/atlc-4.6.1/tests/try_hpux.c:102:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpu_type,"%ld",_CPU_REVISION); data/atlc-4.6.1/tests/try_hpux.c:103:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->fpu_type,"%ld",_FPU_MODEL); data/atlc-4.6.1/tests/try_hpux.c:111:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->memory,"%ld",(long) (0.5+ram)); data/atlc-4.6.1/tests/try_hpux.c:119:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->mhz,"%.1f",clock_speed_in_Hz/1000000); data/atlc-4.6.1/tests/try_irix.c:67:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpus,"%ld ",CPUs_online); data/atlc-4.6.1/tests/try_irix.c:77:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->mhz,"%d",(int) invp->inv_controller); data/atlc-4.6.1/tests/try_irix.c:79:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(data->cpu_type,"%d",invp->inv_state); data/atlc-4.6.1/tests/try_irix.c:81:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->fpu_type,"%d",invp->inv_state); data/atlc-4.6.1/tests/try_irix.c:89:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->memory,"%d", invp->inv_state); data/atlc-4.6.1/tests/try_irix.c:91:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->L1data,"%d", invp->inv_state/1024); data/atlc-4.6.1/tests/try_irix.c:93:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->L1instruction,"%d", invp->inv_state/1024); data/atlc-4.6.1/tests/try_irix.c:95:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->L2,"%d", invp->inv_state/1024); data/atlc-4.6.1/tests/try_irix.c:97:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->L2,"%d", invp->inv_state/1024); data/atlc-4.6.1/tests/try_irix.c:102:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(data->hw_provider,"SGI"); data/atlc-4.6.1/tests/try_linux.c:82:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpus,"%d", sysconf( _SC_NPROCESSORS_CONF)); data/atlc-4.6.1/tests/try_portable.c:153:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpus,"%ld",sysconf(_SC_NPROCESSORS_ONLN)); data/atlc-4.6.1/tests/try_solaris.c:93:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->max_cpus,"%ld",max_CPUs); data/atlc-4.6.1/tests/try_solaris.c:104:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->mhz,"%d",clock_speed_in_MHz); data/atlc-4.6.1/tests/try_tru64.c:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hw[100]; data/atlc-4.6.1/tests/try_tru64.c:84:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->max_cpus,"%d",cpu_state_buffer.cs_cpu_slots); data/atlc-4.6.1/tests/try_tru64.c:85:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(data->cpus,"%d",cpucountset(cpu_state_buffer.cs_running)); data/atlc-4.6.1/tests/try_tru64.c:93:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->mhz,"%d",cpu_info_buffer.mhz); data/atlc-4.6.1/tests/try_tru64.c:118:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->memory,"%d\n", int_buff/1024); data/atlc-4.6.1/tests/try_unicos.c:49:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->cpus,"%ld",CPUs_online); data/atlc-4.6.1/tests/try_unicos.c:56:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(data->mhz,"%.1f",1e6/cpu_cycle_time_in_ps); data/atlc-4.6.1/tests/try_unicos.c:64:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(data->hw_provider,"Cray"); data/atlc-4.6.1/tools/src/get_options.c:76:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char errbuf[2]; data/atlc-4.6.1/tools/src/locatediff.c:46:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if( (fp1=fopen(argv[1],"rb")) == NULL) data/atlc-4.6.1/tools/src/locatediff.c:51:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if( (fp2=fopen(argv[2],"rb")) == NULL) data/atlc-4.6.1/tools/src/myfilelength.c:49:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fp=fopen(argv[1],"rb")) == NULL) data/atlc-4.6.1/tools/src/mymd5sum.c:203:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (void *) (ctx->buffer + left), (void *) input, fill ); data/atlc-4.6.1/tools/src/mymd5sum.c:219:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( (void *) (ctx->buffer + left), (void *) input, length ); data/atlc-4.6.1/tools/src/mymd5sum.c:286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char output[33]; data/atlc-4.6.1/tools/src/mymd5sum.c:288:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5sum[16], buffer[1000]; data/atlc-4.6.1/tools/src/mymd5sum.c:300:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( output + j * 2, "%02x", md5sum[j] ); data/atlc-4.6.1/tools/src/mymd5sum.c:318:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if( ! ( f = fopen( argv[1], "rb" ) ) ) data/atlc-4.6.1/src/atlc.c:102:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. (void) strcpy(output_prefix,""); data/atlc-4.6.1/src/atlc.c:257:36: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). image_data[i]=(unsigned char)fgetc(image_data_fp); data/atlc-4.6.1/src/create_bmp_for_circ_in_circ.c:105:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). filename=strncpy(filename, argv[my_optind+4],1000); data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:54:12: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
basename=strncpy(basename,filename,strlen(filename)-4); data/atlc-4.6.1/src/get_file_pointer_with_right_filename.c:54:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). basename=strncpy(basename,filename,strlen(filename)-4); data/atlc-4.6.1/src/get_options.c:80:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) fwrite(argv[0], (unsigned)strlen(argv[0]),1,stderr); data/atlc-4.6.1/src/get_options.c:81:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) fwrite(s, (unsigned)strlen(s),1,stderr); data/atlc-4.6.1/tests/try_aix.c:58:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(model,data->machine,10); data/atlc-4.6.1/tests/try_aix.c:65:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(data->max_cpus,"1"); data/atlc-4.6.1/tests/try_portable.c:99:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_length=strlen(data->sysname); data/atlc-4.6.1/tests/try_portable.c:108:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
string_length=strlen(data->nodename); data/atlc-4.6.1/tests/try_portable.c:117:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_length=strlen(data->release); data/atlc-4.6.1/tests/try_portable.c:126:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_length=strlen(data->version); data/atlc-4.6.1/tests/try_portable.c:134:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_length=strlen(data->machine); data/atlc-4.6.1/tests/try_tru64.c:104:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_length=strlen(procid); data/atlc-4.6.1/tests/try_tru64.c:124:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_length=strlen(hw); data/atlc-4.6.1/tools/src/get_options.c:82:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) fwrite(argv[0], (unsigned)strlen(argv[0]),1,stderr); data/atlc-4.6.1/tools/src/get_options.c:83:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) fwrite(s, (unsigned)strlen(s),1,stderr); data/atlc-4.6.1/tools/src/mymd5sum.c:295:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
md5_update( &ctx, (uint8 *) msg[i], strlen( msg[i] ) );

ANALYSIS SUMMARY:

Hits = 258
Lines analyzed = 13621 in approximately 0.63 seconds (21694 lines/second)
Physical Source Lines of Code (SLOC) = 8519
Hits@level = [0] 1071 [1] 19 [2] 212 [3] 0 [4] 27 [5] 0
Hits@level+ = [0+] 1329 [1+] 258 [2+] 239 [3+] 27 [4+] 27 [5+] 0
Hits/KSLOC@level+ = [0+] 156.004 [1+] 30.2852 [2+] 28.0549 [3+] 3.16939 [4+] 3.16939 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.