Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/worker/worker.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regerror.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_custom.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_int.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_memory.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_report.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regmagic.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regsub.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/fermi.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture_example.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilate_handler.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit_test.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/delete_file.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/edf_sim.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/edf_sim.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_bitwise_validator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_dummy_assimilator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_substr_validator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_trivial_validator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_hr.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_hr.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_keyword.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_keyword.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_limit.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_limit.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/show_shmem.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_echo.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.h Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator_test.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_parse.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/sched/test_credit.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/cancel_jobs.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/dir_hier_move.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/dir_hier_path.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/hr_db_convert.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/kill_wu.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/poll_wu.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/remote_submit_test.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/sign_executable.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/des.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/ssim.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/test.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/apihelp.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/consts.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crc32.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crc32.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ebcdic.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/explode.c Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/inflate.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/inflate.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unxcfg.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unreduce.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unshrink.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzvers.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32i64.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zip.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/__p___mb_cur_max.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/crc32.h Examining 
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/crypt.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/deflate.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/ebcdic.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/revision.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/trees.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/ttyio.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/osdep.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/zipup.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/nt.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/osdep.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32i64.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/zipup.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_globals.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/ziperr.h Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c Examining data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c

FINAL RESULTS:

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_util.cpp:78:22: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (retval == 0) chmod(shmem_name, 0660);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:261:22: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  retval = chmod(pathname,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:267:22: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  retval = chmod(pathname,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:276:22: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  retval = chmod(pathname,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:282:22: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  retval = chmod(pathname,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:137:10: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(PROJECTS_DIR,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:153:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(p.project_dir(),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:190:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(SLOTS_DIR,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:208:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:175:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR | S_IRGRP | S_IWGRP);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:177:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:185:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR | S_IRGRP);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:187:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/setprojectgrp.cpp:57:22: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  retval = chown(argv[1], (uid_t)-1, project_gid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:343:5: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod("/Users/Shared/test_log_gfx_switcher.txt", 0666);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:609:13: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(shmem_name, 0666);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:770:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(newf, sbuf.st_mode)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:773:9: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(newf, sbuf.st_uid, sbuf.st_gid)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:857:13: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(path, (uid_t)-1, gid)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/idlemon_win.cpp:85:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl( &sd, TRUE, NULL, FALSE );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/idlemon_win.cpp:85:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl( &sd, TRUE, NULL, FALSE );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/idlemon_win.cpp:160:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl( &sd, TRUE, NULL, FALSE );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/idlemon_win.cpp:160:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl( &sd, TRUE, NULL, FALSE );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:664:23: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  ssize_t ret = readlink(links[i], path, max_len - 1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1021:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl(&sd, true, NULL, false);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1021:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl(&sd, true, NULL, false);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1291:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl(&sd, true, NULL, false);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1291:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl(&sd, true, NULL, false);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2669:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl(&sd, true, NULL, false);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2669:5: [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
  SetSecurityDescriptorDacl(&sd, true, NULL, false);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:201:25: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  ssize_t n = readlink(buf, dst_path, sizeof(dst_path)-1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:97:17: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  ssize_t n = readlink(path, buf, sizeof(buf)-1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:308:17: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  ssize_t n = readlink(linkpath, filepath, sizeof(filepath)-1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:375:17: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(G.filename, S_IREAD | S_IWRITE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:382:13: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(G.filename, 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:426:9: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  gets(pat);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:431:13: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  gets(str);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:660:17: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(G.filename, G.pInfo->file_attr | 0700))
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1214:13: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(G.filename, (uid_t)z_uidgid[0], (gid_t)z_uidgid[1]))
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1265:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr)))
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1356:9: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  chown(UxAtt(d)->fn, (uid_t)UxAtt(d)->uidgid[0],
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1376:9: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(d->fn, UxAtt(d)->perms)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1317:10: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  return chmod(f, a);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2164:7: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  strncat(buf, split_path, SPLIT_MAXPATH);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:698:29: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  # define rdsymlnk(p,b,n) readlink(p,b,n)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:309:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s%s", SHM_PREFIX, aid.shmem_seg_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1341:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1349:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1628:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s%s", UPLOAD_FILE_REQ_PREFIX, name.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2.cpp:23:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2.cpp:23:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:276:13: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  f = popen("sw_vers -productVersion", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:278:13: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  fscanf(f, "%s", vers);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics_lib.cpp:101:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(resolved_name, "./%s", graphics_lib);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:176:9: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  f = popen(buf, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:30:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:30:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:56:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:56:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:26:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:26:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:636:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/%s", slot_dir, BOINC_FINISH_CALLED_FILE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:662:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/%s", slot_dir, TEMPORARY_EXIT_FILE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:986:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(path, "%s/%s", slot_dir, STDERR_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1559:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s checkpointed", atp->result->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1588:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", slot_dir, TASK_STATE_FILENAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1619:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", slot_dir, TASK_STATE_FILENAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:63:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "<window_station>%s</window_station>", m.window_station); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:64:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:67:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "<desktop>%s</desktop>", m.desktop); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:68:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:71:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf2, "<display>%s</display>", m.display); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:72:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:27:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:27:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:153:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(seg_name, "%sboinc_%d", SHM_PREFIX, i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:171:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(init_data_path, "%s/%s", slot_dir, INIT_DATA_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:309:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(init_data_path, "%s/%s", slot_dir, INIT_DATA_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:883:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "Can't change directory to %s: %s", slot_dir, boincerror(retval)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1123:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, exec_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1145:22: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = execv(switcher_path, argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1149:22: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = execv(buf, argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:31:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:31:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:581:57: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). 
Use getpwuid(geteuid()) and extract the desired information instead. retval = rpc.run_graphics_app(argv[3], operand, getlogin()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:23:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:23:21: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:93:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("cls"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:266:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(full_path, "/Library/Screen Savers/%s.saver/Contents/Resources/gfx_switcher", saverName[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:636:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. f = popen(buf, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:20:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:20:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:148:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buf, sizeof(buf), fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:162:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buf, sizeof(buf), fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.h:65:29: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 3, 4))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.h:74:29: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 4, 5))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:47:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:47:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:236:15: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. FILE *f = popen("sw_vers -productVersion", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:442:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (!system(buf)) {} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1937:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Unrecoverable error for task %s", res.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1979:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:41:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:41:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:58:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:58:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:284:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(benchmark_descs[i].filename, "%s_%d.xml", CPU_BENCHMARKS_FILE_NAME, i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:249:13: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(BOINC_VERSION_STRING " " HOSTTYPE "\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:34:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:34:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:28:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:28:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:193:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(buf, "%s %d %s %d %d:%d:%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:618:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(path, len, NOTICES_DIR"/%.128s.xml", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:624:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(path, len, NOTICES_DIR"/archive_%s.xml", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:112:41: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
#error Mac client now requires a 64-bit system data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:136:16: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ((f=popen(cmdline,"r"))) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:187:29: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. f = popen(cmdline, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:252:16: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. rv=execv(argv[0],argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:38:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:38:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:617:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(project->master_url, url1.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:32:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:32:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:31:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:31:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:23:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:23:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:82:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, p->project_dir()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:329:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/boinc_version_%d_%d_%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_xfer.cpp:27:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_xfer.cpp:27:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:27:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:27:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:63:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:63:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:71:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:71:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:303:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "NVIDIA: %s", dlerror()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:395:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "NVIDIA library reports %d GPU%s", cuda_ndevs, (cuda_ndevs==1)?"":"s"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:25:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). 
Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:25:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:156:13: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. f = popen("sw_vers -productVersion", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:158:13: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(f, "%s", vers); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:232:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "OpenCL: %s", dlerror()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1102:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(op.name, type); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:264:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(addr.sun_path, GUI_RPC_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:57:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). 
Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:57:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1191:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", p->project_dir(), APP_CONFIG_FILE_NAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1253:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/app_config.xml", p->project_dir()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1457:13: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. f = popen(cmd, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:2104:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:686:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Impl %s ", implementer); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:690:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "Arch %s ", architecture); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:694:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Variant %s ", variant); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:698:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Part %s ", cpu_part); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:702:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Rev %s", revision); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1089:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(path, X_OK)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1094:14: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fd = popen(cmd, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1377:15: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. FILE* f = popen("PATH=/usr/bin:/bin:/usr/local/bin ldd --version 2>&1", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1459:15: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
FILE* f = popen(command_lsbrelease, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1601:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fullname, "%s/%s", tty_patterns[i].dir, devname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:155:15: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. FILE* f = popen("PATH=/usr/bin:/bin:/usr/local/bin ldd --version 2>&1", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:590:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Impl %s ", implementer); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:594:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Arch %s ", architecture); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:598:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Variant %s ", variant); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:602:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Part %s ", cpu_part); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:606:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Rev %s", revision); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:674:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
f = popen(command_lsbrelease, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:23:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:23:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:25:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:25:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:194:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdr, "[ID#%u] %s", phop->trace_id, desc); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:24:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:24:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/mac_address.cpp:287:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(address, ether_ntoa(hw_addr)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:29:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:29:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:22:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:22:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:26:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:26:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rr_sim.cpp:48:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rr_sim.cpp:48:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rrsim_test.cpp:130:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buf, sizeof(buf), fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:33:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:33:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:100:9: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(util_path, argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:31:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:31:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:359:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. n = sscanf(q, "<link rel=\"boinc_scheduler\" href=\"%s", buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:237:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rp->name, "%s_%d", p->project_name, p->result_index++); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:261:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "result %s reported; " data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:266:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "result %s reported; " data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:357:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "RPC to %s skipped - project down<br>", p->project_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:392:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "RPC to %s: %s<br>", p->project_name, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:446:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "got job %s: CPU time %.2f, deadline %s<br>", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:632:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "result %s finished<br>", rp->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:903:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", outfile_prefix, TIMELINE_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1036:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(gp_fname, "%s%s.gp", outfile_prefix, fname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1053:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(png_fname, "%s%s.png", outfile_prefix, fname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1054:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "gnuplot < %s > %s", gp_fname, png_fname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1056:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1061:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/%s", outfile_prefix, INPUTS_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1416:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", infile_prefix, CONFIG_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1421:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", outfile_prefix, "log_flags.xml"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1433:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", infile_prefix, STATE_FILE_NAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1460:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", infile_prefix, GLOBAL_PREFS_FILE_NAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1461:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "%s%s", infile_prefix, GLOBAL_PREFS_OVERRIDE_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1510:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "%s%s", outfile_prefix, RESULTS_DAT_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1514:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", outfile_prefix, RESULTS_TXT_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1591:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", outfile_prefix, "index.html"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1594:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_filename, "%s%s", outfile_prefix, LOG_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1602:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", outfile_prefix, REC_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1605:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", outfile_prefix, SUMMARY_FNAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:76:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%02d:%02d:%02d", buf2, hours, mins, secs); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:132:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Starting %s<br> %s<br> deadline %s<br>", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:41:12: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
using std::strcpy; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:82:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boinc_project_user_name, pw->pw_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:83:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boinc_master_user_name, pw->pw_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:87:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boinc_project_group_name, grp->gr_gid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:146:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(newlibs, "../../%s:.:../..", projectDirName); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:163:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(libpath, "%s:%s", newlibs, p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:241:14: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = execv(argv[1], argv+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sysmon_win.cpp:21:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sysmon_win.cpp:21:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:34:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:34:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:28:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:28:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/AdvancedFrame.cpp:1483:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
system(s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCClientManager.cpp:272:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ("launchctl load /Library/LaunchDaemons/edu.berkeley.boinc.plist"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCClientManager.cpp:273:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ("launchctl start edu.berkeley.boinc"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1875:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(strCommand.char_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/stdwx.h:209:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf _vsnprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/stdwx.h:210:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/stdwx.h:210:33: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/stdwx.h:211:33: [4] (buffer) _stprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. #define stprintf _stprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:170:13: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(resolved_path, argv+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:183:17: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(resolved_path, argv+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:231:13: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(resolved_path, argv+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:244:17: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(resolved_path, argv+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:337:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(f, format, args); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:414:33: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. m_gfx_Cleanup_IPC = popen(m_gfx_Cleanup_Path, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:470:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boincPath, appPath[brandId]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:503:18: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. status = execl(boincPath, boincPath, "-redirectio", "-saver", (char *) 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:918:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(m_MessageText, s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:921:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(m_MessageText, m_BrandText); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:1114:22: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead. safe_strcat(buf, getlogin()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:1133:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
vfprintf(f, format, args); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_x11.cpp:485:8: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(execl(graphics_cmd.c_str(), graphics_cmd.c_str(), NULL)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:36:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:36:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:123:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/stat_icon", dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:132:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/slideshow_%02d", dir, i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:147:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/stat_icon", dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:155:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/slideshow_%s_%02d", dir, app.name.c_str(), j); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:228:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:247:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:306:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:371:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:448:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:468:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:549:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:664:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:669:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:676:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:680:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:684:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:689:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:695:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "update host set %s where id=%lu", updates, id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:708:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:712:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:716:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:720:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " domain_name='%s',", domain_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:722:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:726:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " serialnum='%s',", serialnum); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:728:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:732:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " last_ip_addr='%s',", last_ip_addr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:734:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:738:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:742:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:746:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:750:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:754:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:758:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:762:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:766:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(buf, " p_vendor='%s',", p_vendor);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:768:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:772:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " p_model='%s',", p_model);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:774:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:778:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:782:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:786:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:790:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(buf, " os_name='%s',", os_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:792:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:796:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " os_version='%s',", os_version);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:798:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:802:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:806:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:810:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:814:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:818:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:822:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:826:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:830:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:834:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:838:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:842:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(buf, " venue='%s',", venue);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:844:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:848:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:852:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:856:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " host_cpid='%s',", host_cpid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:858:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:862:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " external_ip_addr='%s',", external_ip_addr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:864:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:869:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:874:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " product_name='%s',", product_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:876:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:880:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:884:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:888:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:894:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(query, "update host set %s where id=%lu", updates, id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:932:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:947:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:994:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1098:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1140:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1302:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1320:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1348:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1669:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1789:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1793:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1797:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1801:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1808:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1812:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1816:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(updates, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1827:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(query, "update workunit set %s where id=%lu", updates, ti.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1916:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2111:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2155:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2211:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2353:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2417:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(query, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2713:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2751:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2883:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:128:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "SET SESSION TRANSACTION ISOLATION LEVEL %s", level_str);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:136:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "query: %s\n", p);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:206:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "insert into %s set %s", table_name, vals);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:228:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "select * from %s where id=%lu", table_name, id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:248:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "update %s set %s where id=%lu", table_name, vals, get_id());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:261:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "update %s set %s where id=%lu and %s",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:265:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "update %s set %s where id=%lu",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:276:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "delete from %s where id=%lu", table_name, get_id());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:282:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(query, "delete from %s where %s", table_name, where_clause);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:292:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:316:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:334:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "select max(id) from %s %s", table_name, clause);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:346:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "select * from %s %s", table_name, clause);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:361:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:380:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "select * from %s %s", table_name, clause);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:459:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "select count(*) from %s %s", table_name, clause);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:467:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, "select sum(%s) from %s %s", field, table_name, clause);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:41:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134).
Use a constant for the format specification. int fprintf(FCGI_FILE *fp, const char *format, ...) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:49:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int vfprintf(FCGI_FILE *fp, const char *format, va_list ap) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:77:5: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int fscanf(FCGI_FILE *fp, const char *format, ...) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:83:11: [4] (buffer) vsscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int i=vsscanf(buf,format,va);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:23:8: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. #undef fscanf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:28:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #undef vfprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:29:8: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
#undef fprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:59:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int fprintf(FCGI_FILE *fp, const char *format, ...);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:61:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int vfprintf(FCGI_FILE *fp, const char *format, va_list ap);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:73:5: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int fscanf(FCGI_FILE *fp, const char *format, ...);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_win.h:40:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_win.h:40:21: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:34:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
#define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:34:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:249:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s reported bad GPU peak FLOPS %f; using %f",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:32:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:32:21: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:929:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(szBuffer, sizeof(szBuffer), pszFormat, ptr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:980:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
vsnprintf(szBuffer, sizeof(szBuffer), pszFormat, ptr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:29:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:29:19: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:710:12: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. return system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:792:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "mv \"%s\" \"%s\"", old, newf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:798:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:971:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(path, relname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:1016:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(temp_path, "%s/%s_XXXXXX", dir, prefix);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:1027:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir, path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:25:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:25:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:255:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(addr_un.sun_path, GUI_RPC_FILE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:424:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:446:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", p, GUI_RPC_PASSWD_FILE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:450:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(msg_buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:455:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf, "%s not found. Try reinstalling BOINC.",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:463:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:473:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", LINUX_DEFAULT_DATA_DIR, GUI_RPC_PASSWD_FILE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:477:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:488:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf, "No BOINC data directory was specified, and %s was not found in the current directory (%s). See https://boinc.berkeley.edu/gui_rpc.php for more information.",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:500:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:505:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_buf, "%s not found. Try reinstalling BOINC.",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1452:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:34:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:34:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:69:12: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int MFILE::vprintf(const char* format, va_list ap) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:73:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. k = vsnprintf(buf2, BUFSIZE, format, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:95:12: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int MFILE::printf(const char* format, ...) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:100:16: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. n = MFILE::vprintf(format, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.h:43:9: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
int vprintf(const char* format, va_list); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.h:44:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int printf(const char* format, ...); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:73:14: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int MIOFILE::printf(const char* format, ...) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:80:22: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. retval = mf->vprintf(format, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:84:18: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. retval = vfprintf(f, format, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:88:18: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. retval = vsnprintf(wbuf+cursize, remaining_len, format, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.h:63:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int printf(const char* format, ...); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:96:15: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
void MSG_LOG::vprintf(int kind, const char* format, va_list va) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:106:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(output, format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:119:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(sprefix, sizeof(sprefix),prefix_format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:146:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(sprefix, sizeof(sprefix), prefix_format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:165:15: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void MSG_LOG::printf(int kind, const char* format, ...) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:168:5: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(kind, format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:194:21: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void SCOPE_MSG_LOG::printf(const char* format, ...) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:197:14: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
messages.vprintf(kind, format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:39:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #undef printf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:40:8: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #undef vprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:58:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf(int kind, const char* format, ...) __attribute__ ((format (printf, 3, 4))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:58:76: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf(int kind, const char* format, ...) __attribute__ ((format (printf, 3, 4))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:59:110: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf_multiline(int kind, const char* str, const char* prefix_format, ...) __attribute__ ((format (printf, 4, 5))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:60:110: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf_file(int kind, const char* filename, const char* prefix_format, ...) __attribute__ ((format (printf, 4, 5))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:61:10: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
void vprintf(int kind, const char* format, va_list va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:92:10: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf(const char* format, ...) __attribute__ ((format (printf, 2, 3))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:92:66: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf(const char* format, ...) __attribute__ ((format (printf, 2, 3))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:93:100: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf_multiline(const char* str, const char* prefix_format, ...) __attribute__ ((format (printf, 3, 4))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:94:100: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. void printf_file(const char* filename, const char* prefix_format, ...) __attribute__ ((format (printf, 3, 4))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:39:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:39:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:49:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. using std::sprintf; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:34:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:34:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:156:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:234:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, replacement); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:235:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, temp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:259:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(p, replacement); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:260:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, temp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:329:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:360:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:368:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:394:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, in.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:552:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tag, parsed_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:568:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:643:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:678:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:713:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:748:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:783:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:835:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_tag+1, start_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_mac.cpp:103:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
fd = popen("env -i ps -axcopid,ppid,rss,vsz,pagein,time,command", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:194:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pidpath, "/proc/%s/psinfo", piddir->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:207:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pidpath, "/proc/%s/usage", piddir->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:223:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pidpath, "/proc/%s/stat", piddir->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:168:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:175:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <phys_name>%s</phys_name>\n", boinc_names[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:181:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%sjob_file.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:228:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:235:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "<phys_name>%s</phys_name>\n", boinc_names[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:241:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%sjob_file.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:285:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:297:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:338:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:356:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:423:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:451:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <name>%s</name>\n", job.job_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:460:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:469:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:490:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:538:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:543:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<batch_name>%s</batch_name>\n", batch_names[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:547:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:670:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:673:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:750:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:755:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "<batch_name>%s</batch_name>\n", batch_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:759:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:800:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:803:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<job_name>%s</job_name>\n", job_names[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:807:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:853:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:856:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<app_name>%s</app_name>\n", app_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:859:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<job_name>%s</job_name>\n", job_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:863:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:952:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%sget_output.php?cmd=workunit_file&auth_str=%s&wu_name=%s&file_num=%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:960:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "couldn't fetch %s: %d", url, retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:976:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:978:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<job_name>%s</job_name>\n", job_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:981:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1023:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1025:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<batch_name>%s</batch_name>\n", batch_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1028:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1073:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<authenticator>%s</authenticator>\n", authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1075:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<batch_name>%s</batch_name>\n", batch_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1080:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1123:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%ssubmit_rpc_handler.php", project_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:25:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:25:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:73:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
using FCGI::fprintf; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:76:12: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. using std::fprintf; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_replace.h:60:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_replace.h:60:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:148:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( day_buf, "%.2f day%s ", days, (days>1?"s":"") ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:150:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( day_buf, "%d day%s ", (int)days, (days>1?"s":"") ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:181:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s%s%s%s", year_buf, day_buf, hour_buf, min_buf, sec_buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:318:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(str, s.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:353:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, s.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:402:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, s.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:821:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boinc, in); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:823:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vbox, in); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:825:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(coprocs, in); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:894:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, name.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:102:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf,"%s=%s",name,value); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:26:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:26:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:479:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(file, argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:67:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf( "%s" fmt, response_prefix, ##__VA_ARGS__ ); \ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:130:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ext, q); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:141:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(f.boinc_name, "%s%s", md5, ext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:257:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(infile.physical_name, "%s", lf.boinc_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:392:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " %s %s", j.job_name.c_str(), j.status.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:495:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s", req.stderr_filename.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:497:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", req.dir, req.stderr_filename.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:501:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "can't\\ open\\ stderr\\ output\\ file\\ %s ", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:512:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s_output.zip", req.dir, req.job_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:520:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "cd %s; unzip -o %s_output.zip >/dev/null", req.dir, req.job_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:521:22: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:530:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", req.dir, td.output_files[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:554:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", req.dir, lname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:577:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dst_path, "%s/%s", req.dir, of.dest); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:579:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "mv '%s/%s' '%s'", req.dir, of.src, dst_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:580:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:703:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. int n = sscanf(in, "%s %d", cmd, &id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:752:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(p, "%s", cmd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:794:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
int n = sscanf(p, "%s %s %s", cmd, project_url, authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:889:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr,SVN_VERSION"\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/cygwin_fstab/fstab.c:77:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(path, c); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/cygwin_fstab/fstab.c:82:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(path, c); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:101:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "User: %s", uc_aid.user_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:103:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Team: %s", uc_aid.team_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browserlog.cpp:59:14: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. retval = vfprintf(stderr, fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:48:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
#define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:48:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:98:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:98:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:99:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf _vsnprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:133:49: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DBG(x) do { printf("%-20s ", __func__); printf x; putchar('\n'); \ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:425:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
len = vsnprintf(*buf, size, fmt, ap_copy); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:438:13: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(*buf, size, fmt, ap_copy); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:447:13: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(*buf, len + 1, fmt, ap_copy); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1245:8: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #ifdef popen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1246:8: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #undef popen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1259:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #define popen(x, y) _popen((x), (y)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1653:7: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
n = vsnprintf(buf, buflen, fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2042:7: [4] (shell) execle: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execle(cmd, cmd, (char *) 0, envp); // Using (char *) 0 to avoid warning data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2044:7: [4] (shell) execle: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execle(interp, interp, cmd, (char *) 0, envp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2301:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(copy, str); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3207:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. return sscanf(header, "bytes=%" INT64_FMT "-%" INT64_FMT, a, b); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4058:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(line, "%[^:]:%[^:]:%s", f_user, f_domain, ha1) == 3 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4208:20: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
} else if ((fp = popen(cmd, "r")) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:5265:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len += vsnprintf(buf + len, sizeof(buf) - len, fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webserver.cpp:44:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webserver.cpp:44:21: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:552:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access(GBAC_VAUNZIP_STATUS, R_OK)) { // returns zero on success data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:568:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if (access(strVaFilename.c_str(), R_OK) == -1) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:997:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdline, argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1130:19: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (-1 == execv(argv[0], argv)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1401:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen(modified_command.c_str(), "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2662:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdline, argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:597:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, ",tcp,%s,%d,,%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxlogging.cpp:58:14: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. retval = vfprintf(stderr, fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:112:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(path, "shared/%s", filename.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:119:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "shared/%s", filename.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:125:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "shared/%s", filename.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:134:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "shared/%s", vm.fraction_done_filename.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:167:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "shared/%s", vm.completion_trigger_file.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:190:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "shared/%s", vm.temporary_exit_trigger_file.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:314:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, vm.trickle_trigger_files[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:315:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(path, "shared/%s", filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:341:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, vm.intermediate_upload_files[i].file.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:342:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "shared/%s", filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:713:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s.%s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:722:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s_%d.%s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:728:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s_%d.%s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regerror.c:67:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(convbuf, errors[0].msg); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regerror.c:76:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(convbuf, errors[i].msg); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regerror.c:81:13: [4] (format) sprintf: Potential format string problem (CWE-134). 
Make format string constant. sprintf(convbuf, errors[i].msg, -errcode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:255:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf2, p+s1_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:256:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, s2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:257:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:684:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, application.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:688:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(app_path, "%s%s", aid.project_dir, p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:918:22: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = execv(app_path, argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:190:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, application.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:194:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(app_path, "%s%s", aid.project_dir, p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:303:18: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = execv(app_path, argv); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:68:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:77:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:124:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:142:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(path, entry->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:145:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:153:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:160:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG,"not a regular plain file\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:164:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG,"hidden file or directory\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:168:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG,"too young: %s\n", actime(fstat.st_mtime)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:172:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG,"wrong owner: id %d\n", fstat.st_uid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:176:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:182:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, "Deleting file '%s' (%s)\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:187:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:206:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:219:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:247:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:254:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:268:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:276:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:295:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:313:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:321:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:327:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:336:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't open DB: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:343:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:353:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:359:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Done\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:97:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:106:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:121:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:132:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:152:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:162:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:180:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:196:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:205:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:288:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:296:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:304:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "boinc_db.open failed: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:309:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where name='%s'", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:312:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "Can't find app: %s\n", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:320:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting assimilator handler\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp:60:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp:70:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp:79:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't open DB: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp:84:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp:89:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Finished\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:72:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:90:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:101:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:118:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:263:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:267:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:298:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "-- updating app version scales --\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:303:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, "app %s (%lu)\n", app.name, app.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:322:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:330:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:348:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:358:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:363:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:370:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "-------------\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:493:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:520:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:533:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:548:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:573:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:590:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:599:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:611:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:621:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:628:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:646:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:672:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:692:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:704:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:714:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:722:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:729:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:737:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:743:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:757:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:766:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:775:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:784:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:796:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:811:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:821:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:828:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:842:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:854:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:861:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:969:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:975:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:983:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:994:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:1038:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:1086:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:1091:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:133:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:139:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:280:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "zip -q %s", current_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:281:22: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:283:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:360:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:373:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s_%d", filename, filenum); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:396:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:461:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:648:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/badge_user", output_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:669:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/badge_team", output_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:765:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:844:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "%s/tables.xml", dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:886:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/%s", output_dir, filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:939:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lookupclause, "where shortname = '%s'", CONSENT_TO_STATISTICS_EXPORT); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:982:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1007:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1026:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lookupclause, "where shortname = '%s'", CONSENT_TO_STATISTICS_EXPORT); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1070:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1095:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1125:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1174:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system("cd ../html/ops; echo 2"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1175:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "db_dump starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1180:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1187:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1196:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1205:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1217:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1226:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "no spec file given\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1233:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "spec file missing\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1239:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't parse spec file\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1246:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Another copy of db_dump is already running\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1249:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1253:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1261:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1274:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't open DB: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1282:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1297:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system("cd ../html/ops ; ./export_credit_by_app.php ../stats_tmp"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1299:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1315:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1317:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1336:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "mv %s %s_%d_%d_%d_%d_%d_%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1346:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1348:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't rename old stats\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1352:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "mv %s %s", spec.output_dir, spec.final_output_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1353:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1355:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't rename new stats\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1358:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "db_dump finished\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:260:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "%s", msg); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:282:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "could not create directory '%s': %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:309:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:316:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Can't open archive file %s %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:324:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:331:13: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. f = popen(command,"w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:333:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:389:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:439:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:464:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. n = fprintf((FILE*)re_stream, RESULT_ARCHIVE_DATA); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:479:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int n = fprintf((FILE*)wu_stream, WU_ARCHIVE_DATA); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:501:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. n = snprintf(buf, sizeof(buf), RESULT_ARCHIVE_DATA); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:535:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. n = snprintf(buf, sizeof(buf), WU_ARCHIVE_DATA); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:581:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:586:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:592:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:627:15: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:643:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:647:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:651:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:654:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:661:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:687:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:692:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:700:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:706:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:717:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:745:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:752:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:780:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:789:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:796:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:811:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:822:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:828:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:843:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:854:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:863:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:872:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:878:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:884:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't open DB: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:900:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where name='%s'", app_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:903:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't find app %s\n", app_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:913:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Sleeping....\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/edf_sim.cpp:80:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
vfprintf(logfile, format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/edf_sim.cpp:82:18: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.vprintf(MSG_NORMAL, format, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:165:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Signaled by simulator\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:180:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:191:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:195:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:224:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:249:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(select_clause, "%s and r1.appid=%lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:270:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:288:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:297:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:316:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:340:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:354:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:482:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:498:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:534:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, "checking pid %d\n", pid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:537:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:544:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "Added %d results to array\n", nadditions); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:546:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:576:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "Waiting for signal\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:580:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:595:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:621:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:630:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:635:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:641:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:654:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:668:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:699:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "%s\n", SVN_VERSION); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:736:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:773:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:782:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires two arguments\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:792:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires two arguments\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:802:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:814:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:822:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:830:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:846:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't destroy shmem\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:853:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't create shmem\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:866:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:873:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:879:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:890:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:928:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:935:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:164:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "bad WU XML: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:174:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:180:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:185:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:190:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:201:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path_gz, "%s.gz", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:204:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:212:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path_md5, "%s.md5", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:213:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:219:42: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:229:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:258:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "bad result XML: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:269:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:285:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(msg_mode, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:293:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:300:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:309:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:341:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(clause, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:344:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:354:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "DB connection lost, exiting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:367:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:381:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:385:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:398:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:408:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "DB connection lost, exiting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:421:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:435:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:439:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:489:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:496:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:505:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires two arguments\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:513:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:520:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:526:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "'%s' has no effect, this file deleter does no antique files deletion\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:528:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "'%s' has no effect, this file deleter does no antique files deletion\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:530:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "'%s' has no effect, this file deleter does no antique files deletion\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:532:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "'%s' has no effect, this file deleter does no antique files deletion\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:534:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "'%s' has no effect, this file deleter does no antique files deletion\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:540:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "'%s' has no effect, this file deleter does no antique files deletion\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:547:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:559:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:566:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:574:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:581:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:589:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:593:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't open DB: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:600:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:608:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "where name='%s'", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:611:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't find app\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:615:20: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "Deleting files of appid %lu\n",appid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:632:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:643:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:77:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf, message, va); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:90:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:180:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_WARNING, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:229:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:240:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:297:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't set %03o permissions on %s: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:322:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DETAIL, "got:%s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:348:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_WARNING, "unrecognized: %s", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:363:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(signed_xml, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:371:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:376:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "signed xml: %s\n", signed_xml); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:377:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "signature: %s\n", xml_signature); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:418:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:426:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:437:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:442:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:448:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:485:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:504:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:513:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:524:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:539:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:546:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:567:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DETAIL, "handle_request: %s", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:588:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "handle_request: unrecognized %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:592:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_WARNING, "handle_request: no command\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:596:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "elapsed time %f seconds\n", dtime()-start_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:604:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/upload_public", config.key_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:624:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buffer, "FILE=%s (%.0f bytes left) ", this_filename, bytes_left); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:626:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:652:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(log_name, "file_upload_handler%s.log", variety.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:755:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Using variety: %s\n", variety.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:756:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(config.upload_dir, variety.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:779:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(config.upload_dir, W_OK)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:780:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't write to upload_dir\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:131:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(keypath, "%s/upload_private", config.key_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:105:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:139:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s/CGI_%07lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:176:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s/CGI_%07lu", config.sched_lockfile_dir, g_reply->host.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:186:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", host_cpid, user.email_addr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:189:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:230:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:267:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:275:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:300:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:313:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where authenticator='%s'", user.authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:322:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:337:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:351:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:380:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where authenticator='%s'", user.authenticator); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:389:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:406:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:411:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:439:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:472:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "host.insert() failed\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:509:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "cross_project_id='%s'", g_request->cross_project_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:543:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, g_request->client_brand); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:550:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "[vbox|%s|%d|%d]", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:616:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s%s", host.host_cpid, user.email_addr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:626:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:723:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:729:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Result %s is no longer usable", orp.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:733:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:776:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:788:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[prefs] using working prefs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:795:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:802:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:811:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[prefs] using db prefs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:816:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[prefs] using default prefs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:835:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[prefs] updating db prefs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:841:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "global_prefs='%s'", g_request->global_prefs_xml); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:845:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:855:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:862:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:890:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "received old code sign key\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:904:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/old_key_%d", config.key_dir, i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:911:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:922:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/signature_%d", config.key_dir, i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:924:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/signature_stripped_%d", config.key_dir, i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:931:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:937:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:995:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1017:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1021:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s %s %s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1043:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1047:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s %s %s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1066:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1093:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1099:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1124:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1132:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1146:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1239:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "No work - skipping DB access\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1258:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "No user ID!\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1289:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1294:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1347:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "%s %s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1352:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1388:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1407:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1420:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1479:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1491:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1523:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Error in request message: %s", p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1533:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:146:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:149:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:168:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:184:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:111:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:141:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:147:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:165:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, "result.count for %lu returned %ld, error: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:169:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "result.count: %s\n", boincerror(retval)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:190:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't parse config.xml: %s\n", boincerror(retval)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:196:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't open db: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:204:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where name='%s'", wu_names[i].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:207:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:214:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(keypath, "%s/upload_private", config.key_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:217:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "can't read key\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:227:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:236:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:242:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:258:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:303:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:310:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:319:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:326:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:342:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:355:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:79:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:103:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:154:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:168:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:176:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:182:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Starting message handler\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:87:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:96:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:105:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:114:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:141:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:153:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:165:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:177:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:187:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:212:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:242:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, " %s ", sreq.host.p_features);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:245:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf2, " %s", p+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:251:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf, buf2);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:258:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:272:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:286:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:298:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:309:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:318:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:327:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:340:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:349:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:358:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:371:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:381:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:393:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:403:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:430:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:439:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:448:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:457:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:469:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:505:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tag,"<%s>",project_prefs_tag);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:508:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:515:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:535:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tag,"<%s>",gpu_utilization_tag);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:538:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:556:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:572:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:581:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:592:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:603:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:612:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:621:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "%s\n", msg.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:631:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:642:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:656:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:676:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:685:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:696:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:705:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:715:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "%s\n", msg.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:726:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:736:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "%s\n", msg.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:745:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:752:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:757:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "%s\n", msg.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:765:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:792:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:809:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:822:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:833:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:861:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hu.custom_coproc_type, gpu_type);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:905:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:934:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:956:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hu.cmdline, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:965:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hu.cmdline, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:976:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:996:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Unknown plan class: %s\n", plan_class);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1047:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "BAD OS REGEXP: %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1055:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "BAD CPU VENDOR REGEXP: %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1063:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "BAD CPU MODEL REGEXP: %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1071:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "BAD HOST SUMMARY REGEXP: %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1086:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "BAD PROJECT PREFS REGEXP: %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:43:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/errors", outdir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:90:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/%s", outdir, wu.name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:92:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/%s_%d", outdir, wu.name, i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:101:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/%s_no_output_files", outdir, wu.name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:108:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s: 0x%x\n", wu.name, wu.error_mask);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_bitwise_validator.cpp:85:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_bitwise_validator.cpp:102:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_dummy_assimilator.cpp:69:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_dummy_assimilator.cpp:74:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_dummy_assimilator.cpp:79:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_dummy_assimilator.cpp:84:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_substr_validator.cpp:50:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:81:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name, "%s_%d_%d", app_name, start_time, seqno++);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:112:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "templates/%s", out_template_file);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:132:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:141:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:147:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:163:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:203:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:223:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:231:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:241:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't open db: %s\n",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:249:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't find app %s\n", app_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:255:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't read input template %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:262:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Starting\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:63:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:70:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:78:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:93:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:100:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:113:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:137:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:153:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:170:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:190:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:197:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:244:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:261:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:275:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:365:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:374:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:387:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:399:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:411:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:423:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_array.cpp:436:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:116:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s/upload_private", config.key_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:119:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't read key\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:126:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:133:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:141:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:153:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:164:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:185:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:281:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:287:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:314:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "checking for targeted jobs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:67:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:75:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:92:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:116:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:212:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:251:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:260:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:307:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:316:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:331:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:403:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:410:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:427:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:434:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:455:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:471:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:489:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:508:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:515:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:522:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:162:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "wrong fuh_set_completed_permission: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:171:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "wrong fuh_set_initial_permission: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:207:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "BAD REGEXP: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:216:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "BAD REGEXP: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:242:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "BAD REGEXP: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:251:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "BAD REGEXP: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:275:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:284:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:443:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(path + strlen(path), sizeof(path) - strlen(path), fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:172:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:219:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:233:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:242:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:257:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:266:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:295:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL,"[version] Host has no ATI GPUs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:367:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:418:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:429:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:448:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:459:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:472:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:482:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:513:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:523:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:596:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:603:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:659:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:678:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:723:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:743:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:752:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:761:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:778:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:788:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:797:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:815:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:824:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:913:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:931:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:944:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:951:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:982:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:991:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:54:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:75:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:85:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_keyword.cpp:57:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[keyword] user has no keywords; returning 0\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_keyword.cpp:69:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, "[keyword] job has no keywords; returning 0\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_keyword.cpp:77:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[keyword] keyword score: %f\n", s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_limit.cpp:90:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "missing app name\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:89:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:132:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:141:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "BOINC will delete file %s when no longer needed", fi.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:167:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:199:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:230:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:254:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:265:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:273:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:310:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(help_msg_buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:347:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:361:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:367:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:394:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:410:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:461:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:469:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:516:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:525:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:549:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:575:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:582:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:596:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pattern, "%s__", filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:598:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where userid=%lu and name like binary '%s%%'", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:602:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where userid=%lu and name>binary '%s__' and name<binary '%s__~'", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:620:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:633:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:638:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:645:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:650:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:676:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:688:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:693:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:712:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:762:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:772:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:810:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:826:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:832:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:843:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:855:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(min_resultname, "%s__~", filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:874:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:928:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:959:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:971:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:983:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1030:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1041:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1059:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1072:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1091:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1099:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1170:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1180:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1192:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1206:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1246:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1276:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1298:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1325:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1330:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "BOINC will delete file %s (no longer needed)", fi.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:131:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:137:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:154:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:160:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:191:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:203:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't open database: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:220:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:238:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:245:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:251:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:262:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:281:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "%s", short_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:286:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:290:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:307:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:311:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:323:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:332:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:338:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:404:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:417:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:442:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Server can't open log file (%s)", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:453:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Server can't open log file for FCGI (%s)", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:465:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:480:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:497:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:511:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(path, "%s/code_sign_public", config.key_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:514:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:563:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(req_path, "%s/%d_%u_sched_request.xml", config.debug_req_reply_dir, g_pid, counter); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:564:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(reply_path, "%s/%d_%u_sched_reply.xml", config.debug_req_reply_dir, g_pid, counter); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:569:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(log_path, "%s/%d_%u_sched.log", config.debug_req_reply_dir, g_pid, counter); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:576:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:584:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:594:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:603:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:615:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:626:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:641:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:673:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:699:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:712:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, "[quota] Overall limits on jobs in progress:\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:718:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:38:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:53:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:82:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:93:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:100:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:105:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:121:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "checking for NCI jobs\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:139:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where name='%s'", ores.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:142:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "No such result: %s\n", ores.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:160:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:168:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "%s is beta\n", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:175:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:184:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:76:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:87:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:138:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:148:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:157:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:164:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:170:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:179:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:189:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:198:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:210:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:219:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:234:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:246:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:252:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(warning_msg, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:259:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:265:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(warning_msg, "Resent lost task %s", result.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:278:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:42:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:54:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:73:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:89:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:141:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:160:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:170:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:232:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:245:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:255:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:266:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:274:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:282:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:290:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:323:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:335:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:347:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:357:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:363:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:375:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:397:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "[handle] [RESULT#%lu] [WU#%lu] fixed finish file problem\n", srip->id, srip->workunitid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:405:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:417:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:442:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:456:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:73:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:87:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:105:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:119:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:144:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:183:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:193:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:208:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:218:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:230:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:238:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:268:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_score.cpp:279:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:116:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:181:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:204:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:215:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:252:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:265:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:277:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:290:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:304:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:314:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:406:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:412:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:418:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:442:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:449:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:486:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:518:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:527:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:534:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(temp, p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:535:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, text); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:536:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, temp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:546:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:562:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:566:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:595:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:622:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:645:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, "<name>%s</name>\n", result.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:648:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "<wu_name>%s</wu_name>\n", wu.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:688:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:696:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:701:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(where_clause, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:751:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:759:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:767:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:775:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:788:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:804:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:819:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:831:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:844:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, " %s (%.2f, %.2f)", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:849:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:851:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:871:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[send] don't need more work\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:912:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:917:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:943:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:951:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:956:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:983:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:994:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1002:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1062:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1075:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1081:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1108:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1118:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1125:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1176:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, proc_type_name(i)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1180:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1244:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(explanation, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1281:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "No tasks are available for %s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1333:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1339:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1353:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1460:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1466:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1471:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1480:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1489:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1493:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1498:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1505:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1514:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(buf, " %.2f %s GPU", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1520:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1531:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1536:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1580:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1585:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1599:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1609:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1620:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1648:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1667:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1681:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1700:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1724:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:105:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:150:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "../size_census_%s", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:157:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:166:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:86:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(longname, "%s%d", a->name, hostid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:88:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(longname, "%s%d", b->name, hostid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:121:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:140:16: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (2==fscanf(fp, "%d %s", &(cached[count].zone), cached[count].name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:153:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:167:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:172:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:199:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. l = sprintf(start, "%s<url>%s%s</url>", i?"\n ":"", serverlist[i].name, path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:279:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(new_xml, r); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:296:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:317:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:102:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:436:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:582:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:799:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1084:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1364:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1438:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1461:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1484:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1498:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1584:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "%s%s", user.authenticator, user.passwd_hash); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1586:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%lu_%s", user.id, out); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1591:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "%s%s%s", user.authenticator, user.passwd_hash, "notify_rss"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1593:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%lu_%s", user.id, out); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1622:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:70:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(query, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:74:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(query, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:58:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Couldn't write pid file\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:80:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Quitting due to SIGHUP\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:85:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:155:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(p, "%s/%s", dir, filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:212:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(result, "%s/%s", root, filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:217:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(result, "%s/%s/%s", root, dir, filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:303:9: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
fscanf(fsim,"%s", currenttime); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:307:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:319:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(daemonfile, strcat((char*)config.project_path("simulator/"),"sim_%s.txt"),daemonname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:320:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(daemonfilelok, strcat((char*)config.project_path("simulator/"),"sim_%s.lok"),daemonname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:47:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:52:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:124:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:142:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:170:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:187:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:196:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:205:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:215:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:232:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:239:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:319:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:331:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:335:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:342:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:400:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:413:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:418:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:423:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:433:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:442:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:459:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "anonymous platform (%s)", proc_type_name(bav.host_usage.proc_type)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:589:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:594:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:603:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:632:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:648:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:663:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:682:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:695:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:719:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "[version] using %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:767:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:777:42: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:794:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:806:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:815:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:826:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:845:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:857:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:898:42: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:913:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:921:36: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:932:36: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:939:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:956:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:967:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:972:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:72:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:97:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "../bin/%s", script[0].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:106:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, paths[j].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:110:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:113:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:117:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "../bin/%s --error %d %lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:121:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(cmd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:82:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:122:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "../bin/%s", init_script[0].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:128:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, paths[j].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:132:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:135:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:138:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(cmd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:168:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "../bin/%s", compare_script[0].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:174:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, paths1[j].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:179:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, paths2[j].c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:183:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:186:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:189:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:192:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmd, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:195:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. retval = system(cmd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:75:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "Can't open job file %s\n", job_dir_file); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:79:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't read job file %s\n", job_dir_file); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:90:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "garbage in job file: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:96:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "garbage in job file: %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:103:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s/job_summary_%lu", job_dir, wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:106:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't open job summary file %s\n", filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:134:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(copy_path, "%s/%s", job_dir, logical_name.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:50:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "%d unsent for class %d\n", unsent[i], i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:53:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:58:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:104:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Starting\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:108:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:118:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:126:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "no such app: %s\n", app_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:130:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "app '%s' is not multi-size\n", app_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:137:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:143:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "sleeping\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:96:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:106:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "can't open DB: %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:196:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (cmd_buf, "touch %s/reread_db", config.project_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:200:23: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int ret_val = system (cmd_buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp:58:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp:66:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s/%d", dirname, hostid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp:73:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:74:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, "Signaled by simulator\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:96:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:117:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:141:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:194:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:233:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:243:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:251:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:266:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:278:42: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:284:42: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:324:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:334:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:361:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:389:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:407:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:430:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:440:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:454:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:473:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:489:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:538:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:553:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:583:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:591:38: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:601:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:663:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:670:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_DEBUG, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:677:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:707:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:718:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:740:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:747:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "doing a pass\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:757:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_DEBUG, "sleeping %d\n", sleep_interval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:792:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:801:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "%s requires two arguments\n\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:810:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:825:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:834:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Can't parse config.xml: %s\n", boincerror(retval));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:838:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/upload_private", config.key_dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:841:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't read key\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:845:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Starting\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:55:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown arg %s\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:60:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "missing --max_runtime arg\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:67:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "fpops_percentile failed: %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:72:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "fpops_percentile failed: %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:76:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "default FLOPS: %f\n", flops_50_percentile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:77:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "max FLOPS: %f\n", flops_95_percentile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:78:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "max runtime: %f\n", max_runtime);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:91:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "unexpected tag: %s\n", xp.parsed_tag);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:94:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:110:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:116:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:123:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_credit.cpp:131:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:49:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown arg %s\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:54:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "missing --extension_period arg\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:58:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "missing --extension_timeframe arg\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:62:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:65:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:87:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:93:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:101:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, " where name='%s' and hostid=%lu", task_name, mfh.hostid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:104:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:114:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:122:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:134:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_echo.cpp:51:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mth.xml,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:70:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "where variety='%s' and handled=%d", variety, handled_enum);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:82:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:138:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:147:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:170:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:180:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:190:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Starting trickle handler\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:69:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "lost DB conn\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:82:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Can't update user %lu\n", user.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:101:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "lost DB conn\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:115:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Can't update host %lu\n", host.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:136:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:160:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "lost DB conn\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:168:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:187:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Can't update team %lu\n", team.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:236:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "%s requires an argument\n\n", argv[--i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:250:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "unknown command line argument: %s\n\n", argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:264:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Starting\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:268:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:275:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Can't open DB: %s\n",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:282:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:291:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:301:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:311:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:318:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Finished\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:149:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(out, in);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:157:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p_out, q);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:87:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:94:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:100:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:125:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "suspicious result - raising quorum\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:145:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:186:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:193:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:204:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util2.cpp:212:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:148:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:158:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "DB not updated (dry run)\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:162:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:167:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:202:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:242:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:259:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:282:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:309:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:323:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:338:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:344:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:367:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:375:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "DB not updated (dry run)\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:377:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:384:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:393:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:398:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "DB not updated (dry run)\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:402:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:417:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:445:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:450:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:458:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:477:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:488:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:503:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:511:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:519:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:524:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:541:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:585:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:600:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:608:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:621:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:628:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:638:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "DB not updated (dry run)\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:641:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:648:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:657:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:666:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:681:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:701:38: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "DB not updated (dry run)\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:705:42: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:756:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "DB not updated (dry run)\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:760:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:793:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_DEBUG,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:814:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "where name='%s'", app_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:824:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't find app %s\n", app_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:947:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:956:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:966:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:974:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:979:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:985:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:991:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:996:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:1001:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:1010:18: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator_test.cpp:83:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(r1.xml_doc_in, "<file_ref><file_name>%s</file_name></file_ref>", argv[argc-2]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator_test.cpp:84:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(r2.xml_doc_in, "<file_ref><file_name>%s</file_name></file_ref>", argv[argc-1]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:169:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(result.name, "%s_%s", wu.name, result_name_suffix); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:170:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(base_outfile_name, "%s_r%ld_", result.name, lrand48()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:405:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:420:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <url>%s</url>\n", urls[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:421:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(out, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:423:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:443:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(out, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:485:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:498:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <url>%s</url>\n", urls[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:499:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(out, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:501:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:526:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(out, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:552:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out, "<delete_file_info>%s</delete_file_info>\n", file_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:102:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "-%s", name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:104:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "--%s", name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:232:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jd2.wu_template, wu_templates[s]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:353:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jd.wu.keywords, argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:371:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(jd.wu.name, "%s_%d_%f", app.name, getpid(), dtime()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:374:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(jd.wu_template_file, "templates/%s_in", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:377:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(jd.result_template_file, "templates/%s_out", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:385:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(db_name, config.db_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:386:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(db_passwd, config.db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:387:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(db_user, config.db_user); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:388:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(db_host, config.db_host); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:389:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(download_dir, config.download_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:400:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where name='%s'", app.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:426:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(jd.result_template_path, jd.result_template_file); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:449:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(jd2.wu.name, "%s_%d", jd.wu.name, j); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:473:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(jd2.wu.name, "%s_%d", jd.wu.name, j); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/kill_wu.cpp:80:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"where name='%s'",wuname.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/poll_wu.cpp:94:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"where name='%s'",wuname.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:57:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(md5name, "%s.md5", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:86:13: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
int n = fscanf(fp, "%s %lf%c", md5data, nbytes, &endline); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:119:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(md5name, "%s.md5", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:243:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:253:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.name, physical_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:254:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.md5, md5); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:276:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:290:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:292:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(infile.name, var_infile.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:293:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.md5, md5str.c_str()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:298:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf2, "jf_%s", var_infile.md5); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:299:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:309:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.name, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:310:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.md5, var_infile.md5); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:325:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(top_download_path, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:351:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(gzip_path, "%s.gz", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:360:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(gzipped_url, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:369:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:381:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.name, var_infile.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:382:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile.md5, md5); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:439:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <file_name>%s</file_name>\n", id.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:444:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <open_name>%s</open_name>\n", open_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:458:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, " <open_name>%s</open_name>\n", id.name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:70:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(signed_xml, "<name>%s</name><max_nbytes>%.0f</max_nbytes>", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:74:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(signature_xml, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:79:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(q1, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:80:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(q1, signature_xml); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:81:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(q1, buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:102:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, q); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:134:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, q); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:135:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp, endptr+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:136:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, base_filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:137:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:138:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, temp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:143:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp, p+strlen(UPLOAD_URL_MACRO)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:144:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, config_loc.upload_url); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:145:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(p, temp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:162:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(result_template, temp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:82:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(old_path, "%s/%s", old_dir, file); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:83:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(new_path, "%s/%s", new_dir, file); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:136:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(prev_dir, "%s/prev_version", install_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:172:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filepath, "%s/%s", install_dir, CORE_NAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:188:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filepath, "%s/%s", install_dir, MANAGER_NAME); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:93:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dir, "%s/%s", vf.dir, chunk_dirs); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:107:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%s/%s/data.vda", buf, chunk_dirs); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:114:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(md5_path, "%s/md5.txt", chunk_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:148:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:163:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:183:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/data.vda", chunk_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:193:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:200:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/data.vda", chunk_dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:203:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:208:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "mv %s %s; chmod g+rw %s", path, dst_path, dst_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:209:26: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
retval = system(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:211:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:215:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:223:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "host_id=%lu and physical_file_name='%s'", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:250:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:257:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "where file_name='%s'", fname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:260:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:269:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:294:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, "ch.insert() failed\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:313:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:336:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:341:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:347:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:366:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:378:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:422:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "upload_%s", ch.physical_file_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:425:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:433:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:452:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "download_%s", ch.physical_file_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:455:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:465:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:538:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:544:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:562:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:568:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
log_messages.printf(MSG_CRITICAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:584:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_NORMAL, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/ssim.cpp:430:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s.%d", parent->name, index); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/ssim.cpp:455:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(c->physical_file_name, "chunk %s on host %d", name, h->id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.cpp:52:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s: %f GB -> %f GB\n", name, value/1e9, v/1e9); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.cpp:56:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s: %f Mbps -> %f Mbps\n", name, value/1e6, v/1e6); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.cpp:60:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s: %.0f -> %.0f\n", name, value, v); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:125:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/boinc_meta.txt", dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:174:14: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
retval = system("/bin/rm -rf [0-9]* Coding data.vda chunk_sizes.txt"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:197:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s/boinc_meta.txt", vf.dir); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:200:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't parse policy file %s\n", buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:205:22: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. log_messages.printf(MSG_CRITICAL, "Can't get file state: %d\n", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp:534:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:231:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "vda_%d_%s_%s", hostid, chunk_name, file_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:237:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "vda_%d_%s", hostid, chunk_file_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:71:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s_%c%0*d.%s", base, ch, ndigits, j, ext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:96:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
  sprintf(path, "%s/data.vda", dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:142:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(child_dir, "%s/%d", dir, i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:157:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_path, "%s/%d/%s", dir, i, DATA_FILENAME);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:158:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(md5_file_path, "%s/%d/md5.txt", dir, i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:178:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(child_dir, "%s/%d", dir, i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:209:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:214:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int s = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:221:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "chmod g+wx %s/Coding", dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:222:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  s = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:234:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(target_path, "%s/Coding/%s", dir, enc_filename);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:235:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(dir_name, "%s/%d", dir, i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:241:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(link_name, "%s/%s", dir_name, DATA_FILENAME);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:244:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:276:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mv %s/Coding/%s %s/Coding/decode_temp",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:279:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  retval = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:284:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:289:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int s = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:296:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mv %s/Coding/decode_temp %s/Coding/%s",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:299:18: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  retval = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:307:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(linkpath, "%s/data.vda", dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:314:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mv %s/Coding/data_decoded.vda %s", dir, filepath);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:315:14: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  retval = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:375:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/data.vda", dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:389:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "CHUNK::assign: can't get host\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:406:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "ch.insert() failed\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:409:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:419:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:427:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(where_clause,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:479:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/%s", dir, DATA_FILENAME);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:480:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf2, "%s/%s", dir, file_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:483:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "symlink %s %s failed\n", buf2, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:490:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/chunk_sizes.txt", dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:502:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "symlink %s %s failed\n", buf2, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:517:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/chunk_sizes.txt", dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:543:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:549:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:616:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:623:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:633:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:660:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "ch.count failed\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:58:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(description, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:63:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(description, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:53:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "processing file %s\n", vf.file_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:57:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s/boinc_meta.txt", vf.dir);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:60:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Can't parse policy file %s\n", buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:64:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Getting state\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:67:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "vf.get_state failed %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:71:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Initializing\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:74:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "vf.init failed %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:80:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Recovery plan:\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:93:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:97:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:104:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "truncate %s/%s --reference %s/%s",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:107:26: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  retval = system(buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:109:34: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:125:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:136:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "vf.decide_reconstruct failed %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:141:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:146:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "Recovery action:\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:149:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "vf.recovery_action failed %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:167:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "VDA_FILE enumerate failed\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:174:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:181:30: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:198:18: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL, "processing dead host %lu\n", h.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:205:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_NORMAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:211:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:218:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:243:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "host.enumerate() failed\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:249:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "handle_host() failed: %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:254:26: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "h.update_field() failed: %d\n", retval);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:273:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't parse config file\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:277:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "VDA not enabled\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:281:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "Must specify VDA host timeout\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:288:22: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  log_messages.printf(MSG_CRITICAL, "can't open DB\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:136:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(av[2], szFileZip.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:141:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(av[3+jj], pvectszFileIn->at(jj).c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:149:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(av[2], szFileZip.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:153:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(av[3], "-d%s", pvectszFileIn->at(0).c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:160:13: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(szFileZip.c_str(), 0) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:169:13: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(szFileZip.c_str(), 0) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:282:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(strPart[0], spattern.c_str());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:329:28: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  funcs.msgfn = (MsgFn *)printf;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:330:32: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20).
  Specify a limit to %s, or use a different input function.
  funcs.inputfn = (InputFn *)scanf;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:130:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(version->betalevel, UZ_BETALEVEL);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:131:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(version->date, UZ_VERSION_DATE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:591:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(sz, pattern);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:594:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sz, pattern);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:664:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(G.wildzipfn, archive);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/apihelp.c:101:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(slide, fname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:127:22: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  # define Trace(x) fprintf x
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:482:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(GLOBAL(key), passwrd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:284:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(G.filename, 0) == -1) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:316:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tname, G.filename); /* make backup name */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:324:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tname, G.filename); /* make backup name */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:326:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tname+flen, BackupSuffix);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:407:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tfilnam, G.filename);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:1524:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, prompt, ((Uz_Globs *)pG)->numlines);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:1538:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, LoadFarString(HidePrompt));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:1592:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(prompt, LoadFarString(PasswPrompt),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2351:19: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(G.filename, fn);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2383:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp_fnote+block_len, tmp_fnote+block_len+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2393:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(G.filenotes[G.filenote_slot], tmp_fnote);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2507:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmt, FZOFFT_HEX_WID_VALUE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2512:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmt, FZOFFT_HEX_WID_VALUE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2516:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmt, pre);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2519:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmt, FZOFFT_FMT); /* Long or long-long or whatever. */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2524:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fmt, post); /* Caller's radix. */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2530:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(G.fzofft_buf[G.fzofft_index], fmt, val);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:147:9: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, noEntry); /* can't use Info w/o a global pointer */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/inflate.c:308:34: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  # define MESSAGE(str,len,flag) fprintf(stderr,(char *)(str))
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/inflate.c:323:22: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Trace(x) fprintf x
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:381:17: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(cfactorstr, LoadFarString(CompFactor100));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:383:17: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:463:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(cfactorstr, LoadFarString(CompFactor100));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:465:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:145:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dospattern, pattern);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:352:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(G.zipfn, G.argv0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:353:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(G.zipfn+len, EXE_EXTENSION);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:378:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(G.autorun_command);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:457:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lastzipfn + strlen(lastzipfn), ZSUFX);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:473:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p, ALT_ZSUFX);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2372:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(e, d);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2377:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(r, e);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2481:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(buffer, escape_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2491:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, escape_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2496:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(local_string, buffer); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2519:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(display_string, local_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:249:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.matchname, G.dirname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:250:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.matchname+G.dirnamelen, file->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:252:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.matchname, file->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:291:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.matchname+G.dirnamelen, file->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:293:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.matchname, file->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:859:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pathcomp, G.buildpath); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:917:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.buildpath, G.rootpath); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:951:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmproot, pathcomp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1030:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(command, "IFS=\" \t\n\" /bin/mkdir '%s' 2>/dev/null", path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1031:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system(command)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1166:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(slnk_entry->fname, G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1336:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(d_entry->fn, G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1453:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf((char *)slide, LoadFarString(CompiledWith), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1461:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (sprintf(cc_versbuf, "(gcc %s)", __VERSION__), cc_versbuf), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2497:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf((char *)(slide+256), LoadFarStringSmall(Use_Unicode), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2508:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf((char *)(slide+256), LoadFarStringSmall(Have_MBCS_Support), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2547:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf((char *)(slide+256), LoadFarStringSmall(UseZlib), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2554:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf((char *)(slide+256), LoadFarStringSmall(UseBZip2), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1000:37: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define zfstrcpy(dest, src) strcpy((dest), (src)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2658:24: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define Trace(x) fprintf x data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2665:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define TTrace(x) fprintf x data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2704:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. fputs((char *)(sprintf sprf_arg, (buf)), (flag)&1? stderr : stdout) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2708:53: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2712:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (ulg)(sprintf sprf_arg, strlen((char *)(buf))), (flag)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2924:33: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define STR_TO_ISO strcpy data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2933:33: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
# define STR_TO_OEM strcpy data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c:389:13: [4] (buffer) lstrcpynA: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). lstrcpynA(g_VolumeCaps.RootPath, TempRootPath, cchTempRootPath+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h:270:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define ISO_TO_INTERN(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h:272:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define INTERN_TO_ISO(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h:278:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define OEM_TO_INTERN(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h:280:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define INTERN_TO_OEM(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:250:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(d->d_name, fd.cFileName); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1215:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(d_entry->fn, G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1542:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.matchname, G.dirname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1549:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fnamestart, file->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1597:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fnamestart, file->d_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2155:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(G.buildpathFAT, 0) != 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2257:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(pathcomp, G.buildpathFAT); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2375:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.buildpathHPFS, pathcomp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2377:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G.buildpathHPFS, G.rootpath); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2419:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmproot, pathcomp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2547:11: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. len = sprintf((char *)slide, CompiledWith, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3007:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, escape_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3017:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, escape_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1058:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(unkn, LoadFarString(UnknownNo), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1075:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(unkn, LoadFarString(UnknownNo), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1086:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(unkn, LoadFarString(UnknownNo), G.crec.compression_method); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1242:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attribs, LoadFarStringSmall(fpFtyp)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1272:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attribs, LoadFarStringSmall(fpFtyp)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1581:29: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(types, LoadFarString(UTmodification)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1588:29: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(types+len, LoadFarString(UTaccess)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1597:29: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(types+len, LoadFarString(UTcreation)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2272:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). return (strcpy(d_t_str, LoadFarString(lngYMDHMSTimeError))); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2296:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(monthbuf, LoadFarString(BogusFmt), mo); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2302:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(d_t_str, LoadFarString(lngYMDHMSTime), yr+1900, monthstr, dy, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2305:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(d_t_str, LoadFarString(DecimalTime), yr+1900, mo, dy, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2308:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(d_t_str, LoadFarString(shtYMDHMTime), yr%100, monthstr, dy, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:267:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). IZ_IMP char *strcpy(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:268:14: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). IZ_IMP char *strcat(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:285:14: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). 
IZ_IMP char *mktemp(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:169:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:190:11: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(strcpy(a, p), e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:190:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcat(strcpy(a, p), e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:268:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(n, t); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:297:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(x, n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:361:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:581:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(name, z->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:705:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s, "IFS=\" \t\n\" /bin/rmdir %s 2>/dev/null", d); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:706:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. r = system(s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:901:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(os_name, "%s %s", u.sysname, u.release); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:906:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(os_name, "NetBSD 0.8%s", netbsd[NetBSD0_8]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:909:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(os_name, "NetBSD 0.9%s", netbsd[NetBSD0_9]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:912:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(os_name, "NetBSD 1.0%s", netbsd[NetBSD1_0]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:516:5: [4] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. wcscpy(sw1, sw); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:547:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(s1, s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:835:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bufptr, envptr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:863:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(argstart, argstart + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1120:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, FZOFFT_HEX_WID_VALUE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1125:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, FZOFFT_HEX_WID_VALUE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1129:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, pre); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1132:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, FZOFFT_FMT); /* Long or long-long or whatever. */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1137:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, post); /* Caller's radix. */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1143:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf( fzofft_buf[ fzofft_index], fmt, val); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1169:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, FZOFFT_HEX_WID_VALUE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1174:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, FZOFFT_HEX_WID_VALUE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1178:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, pre); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1181:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, FZOFFT_FMT); /* Long or long-long or whatever. */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1186:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( fmt, post); /* Caller's radix. 
*/ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1192:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf( fuzofft_buf[ fuzofft_index], fmt, val); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/osdep.h:79:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #define popen _popen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/osdep.h:376:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define ISO_TO_INTERN(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/osdep.h:378:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define INTERN_TO_ISO(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/osdep.h:388:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define OEM_TO_INTERN(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/osdep.h:390:57: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). # define INTERN_TO_OEM(src, dst) {if ((src) != (dst)) strcpy((dst), (src));} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1257:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. printf(CompiledWith, COMPILER_NAME1, COMPILER_NAME2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1389:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1399:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, wide_to_mb_default_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1403:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:125:3: [4] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. wcscpy(pw, nw); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:166:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:172:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(q, wild_match_all); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:412:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(q, f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:486:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fcp, fp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:599:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(r, q); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:816:5: [4] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. wcscpy(newwhole, whole); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:828:13: [4] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. wcscpy(newwhole + newlen, name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:832:17: [4] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. wcscpy(name, subwild); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:906:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(newwhole, whole); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:918:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newwhole + newlen, name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:922:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, subwild); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1009:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, w); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1191:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1212:11: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(strcpy(a, p), e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1212:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcat(strcpy(a, p), e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1333:7: [4] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
  Consider using a function version that stops copying at the end of the buffer.
  wcscpy(pw, nw);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1354:11: [4] (buffer) wcscat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  wcscat(wcscpy(aw, pw), ew);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1354:18: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscat(wcscpy(aw, pw), ew);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1453:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(n, t);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1522:3: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscpy(nw, tw);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1547:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(x, n);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1564:3: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscpy(xw, nw);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1634:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, f);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1717:3: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscpy(namew, fw);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c:337:13: [4] (buffer) lstrcpynA:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  lstrcpynA(g_VolumeCaps.RootPath, TempRootPath, cchTempRootPath+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:143:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p, name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:471:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errbuf, " first full name: %s\n", nodup[j - 1]->name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:472:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tempbuf, " second full name: %s\n", nodup[j]->name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:474:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(errbuf, tempbuf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:478:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tempbuf, "name in zip file repeated: %s", nodup[j]->iname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:480:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(errbuf, tempbuf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:698:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(z->name, name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:727:5: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscpy(z->namew, namew);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:798:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(f->name, name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:819:5: [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer.
  wcscpy(f->namew, namew);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:938:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(oname, zname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:961:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(z->name, name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1041:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(f->name, name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1344:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(t, tempath);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1400:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cptr, getenv("DEFAULTS"));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1442:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(t, tempath);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1495:10: [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
  return mktemp(t);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1863:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_path, in_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1910:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_path, in_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2052:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_dir, in_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2072:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(archive_name, in_path + strlen(split_dir));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2082:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_name, split_path + strlen(split_dir));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2154:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, split_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2194:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(in_path, archive_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2210:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(in_path, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2211:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(in_path, archive_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2223:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_dir, in_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2292:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_dir, out_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2310:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_name, out_path + strlen(split_dir));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2360:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(out_path, split_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2376:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(out_path, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2377:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_path, split_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2385:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_dir, out_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2396:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_name, out_path + strlen(split_dir));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2439:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_path, base_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2466:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_path, base_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2469:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(split_path, ext);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2473:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(split_path, vers_ptr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2527:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(split_path, base_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2530:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(split_path, ext);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2534:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(split_path, vers_ptr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2698:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tempzip, tempath);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2708:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tempzip, zipfile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3184:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(r, e);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3322:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buffer, e);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3332:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buffer, wide_to_mb_default_string);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3336:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buffer, e);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3345:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(local_string, buffer);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3376:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buffer, buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3380:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buffer, e);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3387:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(escape_string, buffer);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3438:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp_string, local_string);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3458:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(display_string, temp_string);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3749:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(optname, "'%s' (%s)", options[optind].longopt, options[optind].name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3751:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(optname, "'%s' (%s)", options[optind].shortopt, options[optind].name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3754:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(optname, "'%s'", options[optind].longopt);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3756:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(optname, "'%s'", options[optind].shortopt);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3758:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf, err, optname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3803:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(new_args[j], args[j]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3887:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newarg, arg);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4096:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, arg + (*optchar) + clen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4105:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, args[argnum + 1]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4122:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, arg + (*optchar) + clen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4130:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, args[argnum + 1]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4152:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(optionerrbuf, sh_op_not_sup_err, *shortopt);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4200:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(arg, args[argnum]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4236:9: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(optionerrbuf, long_op_ambig_err, longopt);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4251:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(optionerrbuf, long_op_not_sup_err, longopt);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4285:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, valuestart);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4298:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, valuestart);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4307:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, args[argnum + 1]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4635:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, arg);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4708:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, args[argn]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4762:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, args[argn]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4788:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, arg);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4830:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, arg);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4886:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*value, arg);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:681:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(copyright[i], "zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:686:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(text[i], VERSION, REVDATE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1031:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(text[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1184:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(copyright[i], "zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1190:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(versinfolines[i], "Zip", VERSION, REVDATE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1228:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(cryptnote[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1298:22: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ((unzip_out = popen(cmd, "r")) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1342:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(zipnam, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1345:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(zipnam, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1363:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmd, unzip_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1366:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipnam);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1368:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, here + 2);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1371:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmd, unzip_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1373:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipnam);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1376:14: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  status = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1447:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmd, unzip_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1452:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1455:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1458:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, here + 2);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1461:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmd, unzip_path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1465:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1468:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1489:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1492:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, zipname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1496:12: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  result = system(cmd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1554:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errbuf, "%c pattern file '%s'", flag, pattern);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1658:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, filearg);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:2751:15: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errbuf, "option -ds (--dot-size) has bad size: '%s'",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:2762:15: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errbuf, "dot size must be at least 32 KB: '%s'", value);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3001:15: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errbuf, "bad split size: '%s'", value);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3020:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errbuf, "minimum split size is 64 KB: '%s'", value);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3364:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(in_path, zipfile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3372:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(out_path, zipfile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3572:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, logfile_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3584:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "could not open logfile '%s'", logfile_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3672:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "--out path must be different than in path: %s", out_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3876:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tempzip, tempath); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3886:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tempzip, zipfile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4215:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tempath, zipfile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4563:13: [4] (buffer) wcscat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). wcscat(fnw, z->znamew); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4574:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fn, z->zname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4588:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fn, z->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4590:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fn, z->zname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4714:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(strcat(errbuf, args[i]), "\" "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4715:14: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(strcat(errbuf, args[i]), " *.* -i"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4719:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(strcat(errbuf, " "), args[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4727:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(strcat(errbuf, " "), args[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4877:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tempzip, tempath); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4887:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tempzip, zipfile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5089:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was zipping %s", z->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5097:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was copying %s", z->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5149:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was zipping %s", z->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5158:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was copying %s", z->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5224:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(errbuf, "was copying %s", z->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5448:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was copying %s", z->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5486:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->iname, f->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5578:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was zipping %s", z->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5609:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "was zipping %s", z->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5721:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->comment, p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5741:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5801:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5816:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(strcat(strcpy(p, zcomment), "\r\n"), e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5816:23: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcat(strcat(strcpy(p, zcomment), "\r\n"), e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5818:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, *e ? e : "\r\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5830:8: [4] (buffer) lstrcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. lstrcpy(p, szCommentBuf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:573:20: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define Trace(x) fprintf x data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:574:35: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define Tracev(x) {if (verbose) fprintf x ;} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:575:38: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define Tracevv(x) {if (verbose>1) fprintf x ;} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:576:44: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
# define Tracec(c,x) {if (verbose && (c)) fprintf x ;} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:577:47: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define Tracecv(c,x) {if (verbose>1 && (c)) fprintf x ;} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:378:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(t, s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:424:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(t, disk); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:832:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(iname, pZipListEntry->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:854:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "Unicode does not match path: %s\n", pZipListEntry->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:874:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(UPath, pZipListEntry->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:937:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(iname, pZipListEntry->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:954:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "Unicode does not match path: %s\n", pZipListEntry->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:974:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(UPath, pZipListEntry->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1519:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inameLocal, pZEntry->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1646:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inameLocal, pZEntry->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2287:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(locz->name, locz->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2847:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->zname, z->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2855:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(z->name, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2859:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->zname, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2884:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->oname, z->zname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3343:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "End record (EOCDR) only %s bytes - assume truncated", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3549:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "EOCDR found (%2lu %6s)...", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3558:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "Zip64 EOCDR found (%2lu %6s)...", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3567:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "Zip64 EOCDL found (%2lu %6s)...", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3578:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, " Local (%2lu %6s):", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3619:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(errbuf, "Entry after central directory found (%2lu %6s)...", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3671:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, " Cen (%2lu %6s): ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3774:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "updating: %s", cz->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3809:15: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->uname, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3901:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "no local entry: %s", cz->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3928:11: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(errbuf, errbuftemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3930:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuftemp, "on disk %lu at %s\n", current_in_disk, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3932:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(errbuf, errbuftemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4391:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "Zip entry offsets appear off by %s bytes - correcting...", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4632:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(split_path, in_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4664:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(split_path, in_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4728:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(errbuf, errbuftemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4730:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuftemp, "on disk %lu at %s\n", current_in_disk, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4732:11: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(errbuf, errbuftemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4737:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "unexpected signature on disk %lu at %s\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4855:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->uname, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4928:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->name, z->zname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4955:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4966:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->zuname, name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4979:15: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->ouname, name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4986:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->ouname, name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5008:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->wuname, z->ouname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5048:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->oname, z->zname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5077:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "expected %s entries but found %s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6182:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(localz->name, localz->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6205:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(localz->iname, localz->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6306:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(localz->iname, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6351:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->oname, localz->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6359:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, " copying: %s ", z->oname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6499:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(z->cextra, localz->extra); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6512:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(z->zname, z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6524:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, " (%s bytes)", zip_fzofft(z->siz, NULL, "u")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6529:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "expected compressed/stored size %s, actual %s", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1302:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errbuf, "incompatible zlib version (expected %s, found %s)", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics_api.cpp:97:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!getenv("DISPLAY")) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics_lib.cpp:173:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!getenv("DISPLAY")) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:770:17: [3] (shell) CreateProcessAsUser: This causes a new process to execute and is difficult to use safely (CWE-78). Especially watch out for embedded spaces. 
if (CreateProcessAsUser( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1036:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* p = getenv("LD_LIBRARY_PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1047:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("DYLD_LIBRARY_PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:682:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. userName = getenv("USER"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:452:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned int)time(0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:279:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("HTTP_PROXY"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:299:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("HTTP_USER_NAME"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:303:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("HTTP_USER_PASSWD"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:309:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("SOCKS_SERVER"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:310:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!p) p = getenv("SOCKS5_SERVER"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:321:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("SOCKS5_USER"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:322:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (!p) p = getenv("SOCKS_USER"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:327:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("SOCKS5_PASSWD"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:134:24: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HINSTANCE callib = LoadLibrary(atilib_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:138:18: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. callib = LoadLibrary(amdlib_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:253:23: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE cudalib = LoadLibrary("nvcuda.dll"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:212:18: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. opencl_lib = LoadLibrary("OpenCL.dll"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:141:23: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). 
Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. const bool res = (CreateProcess(NULL, (LPSTR)cmd.c_str(), NULL, NULL, TRUE, dwFlags, NULL, NULL, &si, &pi) != FALSE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:141:23: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. const bool res = (CreateProcess(NULL, (LPSTR)cmd.c_str(), NULL, NULL, TRUE, dwFlags, NULL, NULL, &si, &pi) != FALSE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:236:15: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. wsl_lib = LoadLibrary("wslapi.dll"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:492:17: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (CreateProcess(NULL, commandLine, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &si, &pi)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:492:17: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. 
if (CreateProcess(NULL, commandLine, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &si, &pi)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1608:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(1); // make it deterministic data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:150:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* p = getenv("LD_LIBRARY_PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:161:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. p = getenv("DYLD_LIBRARY_PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/thread.cpp:45:5: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. InitializeCriticalSection(&mutex); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/thread.cpp:53:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection(&mutex); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1265:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
userName = getenv("USER"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:2671:23: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE hUser32 = LoadLibrary(_T("user32.dll")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:491:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. safe_strcpy(buf, getenv("HOME")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:66:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned int)time(0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_x11.cpp:399:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *xssw = getenv("XSCREENSAVER_WINDOW"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_x11.cpp:454:3: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srandom(time(NULL)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_x11.cpp:460:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
int n = random() % results.results.size(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1121:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. claimed_credit, granted_credit, opaque, random, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1158:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. claimed_credit, granted_credit, opaque, random, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:614:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. int random; // determines send order data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:88:18: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE hLib=LoadLibrary((const char *)"ADVAPI32.DLL"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:90:18: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE hLib=LoadLibrary("ADVAPI32.DLL"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:153:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
srand(random_int()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:291:52: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. snprintf(user_dir, sizeof(user_dir), "%s", getenv("APPDATA")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:294:52: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. snprintf(user_dir, sizeof(user_dir), "%s", getenv("HOME")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:297:52: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. snprintf(user_dir, sizeof(user_dir), "%s", getenv("HOME")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1043:5: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. InitializeCriticalSection(&csExceptionMonitorFallback); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1871:9: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection(&csExceptionMonitorFallback); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:476:5: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. 
InitializeCriticalSection(&g_csFileOpenClose); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:477:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection(&g_csFileOpenClose); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:634:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection(&g_csFileOpenClose); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:725:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection(&g_csFileOpenClose); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:65:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. buf=getenv(name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2106:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((s = getenv(name)) != NULL) addenv(blk, "%s=%s", name, s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2120:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((s = getenv("SERVER_NAME")) != NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:301:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:307:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:931:17: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:931:17: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1041:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1041:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). 
Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1311:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1311:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:229:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. old_path = getenv("PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:239:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("VBOX_USER_HOME")) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:240:37: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. virtualbox_home_directory = getenv("VBOX_USER_HOME"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:244:37: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. virtualbox_home_directory = getenv("USERPROFILE"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2582:22: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2582:22: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2689:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2689:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. 
if (!CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:86:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. old_path = getenv("PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:94:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. old_path = getenv("PATH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:109:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("VBOX_USER_HOME")) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:110:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. virtualbox_home_directory = getenv("VBOX_USER_HOME"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:115:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
virtualbox_home_directory = getenv("USERPROFILE"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:117:41: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. virtualbox_home_directory = getenv("HOME"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:130:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (NULL == getenv("HOME")) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:786:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((int)getpid()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:813:15: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. success = CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:813:15: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. 
success = CreateProcess( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:210:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. result.random, \ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:67:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* p = getenv("REMOTE_ADDR"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:520:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char* p = getenv("HTTP_X_FORWARDED_FOR"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:525:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * r = getenv("REMOTE_ADDR"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1311:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(g_reply->host.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1313:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
srand(retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1474:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *rm=getenv("REQUEST_METHOD"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:424:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *p = getenv("BOINC_PROJECT_DIR"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1141:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:230:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *cl=getenv("CONTENT_LENGTH"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:231:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *ri=getenv("REMOTE_ADDR"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:232:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *rm=getenv("REQUEST_METHOD"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:233:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *ct=getenv("CONTENT_TYPE"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:234:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *ha=getenv("HTTP_ACCEPT"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:235:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *hu=getenv("HTTP_USER_AGENT"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:358:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * r = getenv("REMOTE_ADDR"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:488:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
srand(time(0)+getpid()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:116:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char * query_str = getenv("QUERY_STRING"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:166:21: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. result.random = lrand48(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:170:57: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. sprintf(base_outfile_name, "%s_r%ld_", result.name, lrand48()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/ssim.cpp:617:13: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(getpid()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/test.cpp:27:26: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. string home = string(getenv("HOME")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:186:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
home = std::string(getenv("HOME")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:247:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned)time(NULL) ^ ZCR_SEED2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:297:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (((tmp = getenv("TZ")) != NULL) && (*tmp != '\0')) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:407:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *envptr, *getenv(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:415:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv("LINES"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:425:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv("COLUMNS"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2328:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. extern char *getenv(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2597:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvUnZip)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2602:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvUnZip2)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2607:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvZipInfo)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2612:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvZipInfo2)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2619:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvEMX)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2624:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvEMXOPT)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2631:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvGO32)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2636:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvGO32TMP)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:2644:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(LoadFarStringSmall(EnvUnZipExts)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c:122:9: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. 
InitializeCriticalSection( &VolumeCapsLock ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c:343:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection( &VolumeCapsLock ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c:384:9: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection( &VolumeCapsLock ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:280:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. IZ_IMP char *getenv(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:819:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(envstr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:824:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((envptr = getenv(envstr2)) != NULL) /* alternate */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c:127:5: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. 
InitializeCriticalSection( &VolumeCapsLock ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c:298:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection( &VolumeCapsLock ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c:332:9: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead. EnterCriticalSection( &VolumeCapsLock ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1339:3: [3] (tmpfile) tmpnam: Temporary file race condition (CWE-377). tmpnam(t); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1348:3: [3] (tmpfile) tmpnam: Temporary file race condition (CWE-377). tmpnam(t); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1400:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strcat(cptr, getenv("DEFAULTS")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1418:5: [3] (tmpfile) tmpnam: Temporary file race condition (CWE-377). tmpnam(ptr); /* Add filename */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1239:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envptr = getenv(zipenv_names[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:2506:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (((tmp = getenv("TZ")) != NULL) && (*tmp != '\0')) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:191:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char web_graphics_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:193:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_desktop_addr[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:298:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:360:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:369:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:411:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_buf[MSG_CHANNEL_SIZE], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:415:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg_buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:426:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<fraction_done>%e</fraction_done>\n", fdone); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:430:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<bytes_sent>%f</bytes_sent>\n", bytes_sent); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:434:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "<bytes_received>%f</bytes_received>\n", bytes_received); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:450:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MSG_CHANNEL_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:475:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:516:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MSG_CHANNEL_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:639:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("out_msgs.txt", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:645:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:666:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:732:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MSG_CHANNEL_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:755:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:766:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(BOINC_FINISH_CALLED_FILE, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:786:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen(TEMPORARY_EXIT_FILE, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:810:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:923:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:962:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_buf[MSG_CHANNEL_SIZE], buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:965:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg_buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:974:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "<other_pid>%d</other_pid>\n", other_pid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:978:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<bytes_sent>%f</bytes_sent>\n", _bytes_sent); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:982:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<bytes_received>%f</bytes_received>\n", _bytes_received); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1028:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1063:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1088:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN], buf[256], log_name[256], *p, log_buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MSG_CHANNEL_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MSG_CHANNEL_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1151:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("msgs.txt", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1247:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1428:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1603:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1622:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api_fortran.cpp:45:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, s, s_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char vendor[256]; // Device vendor (NVIDIA, ATI, AMD, etc.) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:226:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gpu_device_num = atoi(argv[i+1]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char window_title[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir [MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:273:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char vers[100], *p1 = NULL; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:287:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). major = atoi(vers); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_unix.cpp:294:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). minor = atoi(p1+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_util.cpp:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[MAXPATHLEN], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_util.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shmem_name[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_util.cpp:73:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char shmem_name[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_util.cpp:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shmem_name[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_util.cpp:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shmem_name[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_win.cpp:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_win.cpp:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_win.cpp:118:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_win.cpp:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char window_title[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_win.cpp:416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics_lib.cpp:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graphics_lib[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics_lib.cpp:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resolved_name[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil.h:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[PANEL_MAX_LINES][256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:270:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos1, pos, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:272:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(pos2, pos1, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:274:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pos3, pos2, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:291:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(posa0, pos0, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:292:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(posa1, pos1, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:293:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(posa2, pos2, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:294:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(posa3, pos3, sizeof(pos0)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:351:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy(p, pos, sizeof(pos));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPATHLEN], *c;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:175:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "ps -wcp %d -o command=", myPID);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:201:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[1024], resolvedPath[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:233:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/make_app_icon_h.cpp:47:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inFile = fopen(argv[1], "rb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/make_app_icon_h.cpp:53:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outFile = fopen(argv[2], "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/reduce_main.cpp:135:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rrow(ry), in, rdimx*sizeof(float));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/static_graphics.cpp:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/windows_opengl.cpp:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char window_title[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/windows_opengl.cpp:456:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MSG_CHANNEL_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/x_opengl.cpp:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char window_title[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/x_opengl.cpp:468:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MSG_CHANNEL_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/1sec.cpp:33:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("out", "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char res_name2[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:40:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("temp", "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:120:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  state = fopen(file_name, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:132:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = out.open(file_name, mode);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/concat.cpp:140:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in = fopen(file_name, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/upper_case.cpp:94:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("temp", "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/upper_case.cpp:137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_path[512], output_path[512], chkpt_path[512], buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/upper_case.cpp:189:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = out.open(output_path, "ab");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/upper_case.cpp:191:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = out.open(output_path, "wb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:140:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gui_rpc_password[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:142:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* pwdf = fopen(GUI_RPC_PASSWD_FILE, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:238:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fprefs = fopen(GLOBAL_PREFS_FILE_NAME, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:289:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:527:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(ACCT_MGR_REPLY_FILENAME, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:847:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(ACCT_MGR_URL_FILENAME, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:878:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(ACCT_MGR_LOGIN_FILENAME, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:915:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:1038:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  p = fopen(ACCT_MGR_URL_FILENAME, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:1083:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  p = fopen(ACCT_MGR_LOGIN_FILENAME, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char login_name[256]; // unique name (could be email addr)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user_name[256]; // non-unique name
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char team_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char password_hash[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char authenticator[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char opaque[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signing_key[MAX_KEY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char previous_host_cpid[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cookie_failure_url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url_signature[MAX_SIGNATURE_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host_venue[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_setup.cpp:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_setup.cpp:216:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "https://boinc.berkeley.edu/project_list.php");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_setup.cpp:282:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char login_token[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_setup.cpp:285:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *p;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_setup.cpp:393:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:531:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char new_path[MAXPATHLEN], old_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:587:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:607:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:793:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result_name[256], project_master_url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:1062:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPATHLEN], path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:1119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.h:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char slot_dir[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.h:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char slot_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.h:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char web_graphics_url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.h:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remote_desktop_addr[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_config.cpp:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:451:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_msg[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:482:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:503:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szError[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:529:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN], buf[1024], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:661:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:709:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:790:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errmsg[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:870:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:887:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "exceeded elapsed time limit %.2f (%.2fG/%.2fG)",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:907:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "working set size > workunit.rsc_memory_bound: %.2fMB > %.2fMB",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:920:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "working set size > client RAM limit: %.2fMB > %.2fMB",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:980:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1385:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[MSG_CHANNEL_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[MSG_CHANNEL_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1489:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[MSG_CHANNEL_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1558:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1587:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:1618:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096], path[MAXPATHLEN], s[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MSG_CHANNEL_SIZE], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:92:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MSG_CHANNEL_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:138:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " --device %d", coproc->device_nums[k]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char seg_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:161:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(shmem_seg_name, "boinc_%d", i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char init_data_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char init_data_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:335:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:336:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:381:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char link_path[MAXPATHLEN], rel_file_path[MAXPATHLEN], open_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:460:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char slotfile[MAXPATHLEN], projfile[256], open_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:552:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exec_name[256], file_path[MAXPATHLEN], buf[MAXPATHLEN], exec_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:553:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[80000]; // 64KB plus some extra
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:714:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char slotdirpath[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:715:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error_msg[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:716:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error_msg2[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:862:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char current_dir[_MAX_PATH];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:930:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char current_dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:961:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(buf, O_RDWR | O_CREAT, 0660);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1018:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open("/dev/null", O_RDWR);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1030:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char libpath[8192];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1031:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newlibs[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1098:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("/dev/cpuctl/apps/bg_non_interactive/tasks", "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1128:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char switcher_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_msg[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1237:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1346:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:114:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[BUFSIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_msg[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:195:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:226:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char binout[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5_buf[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:232:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(md5_buf+2*i, "%02x", binout[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.cpp:277:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[BUFSIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.h:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char to_path[MAXPATHLEN], temp_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/async_file.h:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[MAXPATHLEN], temp_path[MAXPATHLEN], outpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/auto_update.cpp:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/auto_update.cpp:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/auto_update.cpp:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version_dir[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/auto_update.cpp:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/auto_update.cpp:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *argv[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/auto_update.cpp:268:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char passwd_buf[256], hostname_buf[256], *hostname=0; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:246:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(q+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:253:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(p+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:404:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:486:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pi.http_server_port = atoi(next_arg(argc, argv, i)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:490:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pi.socks_server_port = atoi(next_arg(argc, argv, i)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:509:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seqno = atoi(next_arg(argc, argv, i)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:531:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seqno = atoi(next_arg(argc, argv, i)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:580:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int operand = atoi(argv[2]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:671:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(a.name, "uppercase"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:59:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char g_log_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datadir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hostname_buf[256], passwd_buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:152:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(p+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:201:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(g_log_filename, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:58:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char boinc_master_user_name[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char boinc_master_group_name[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char boinc_project_user_name[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:61:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char boinc_project_group_name[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_path[MAXPATHLEN], full_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:490:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], *p, *q; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:635:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "ps -xwo command -p %d", (int)aPID); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[1024], event_msg[2048], evt_message[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:95:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; // output can be much longer than format data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; // output can be much longer than format data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.h:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:440:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:449:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:512:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen(CLIENT_BRAND_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:523:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(KEYWORD_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1084:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1332:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char relpath[MAXPATHLEN], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1924:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:2143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:2320:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:2324:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%d", p->hostid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char language[16]; // ISO language code reported by GUI data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char client_brand[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char detach_project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reset_project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char update_prefs_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char main_host_venue[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attach_project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char attach_project_auth[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.h:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sysmon_msg[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:296:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:541:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:678:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:700:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:701:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[MAXPATHLEN], outpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:729:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char buf[BUFSIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:730:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[MAXPATHLEN], outpath[MAXPATHLEN], tmppath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:755:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char binout[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:758:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(md5_buf+2*i, "%02x", binout[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:1103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5_cksum[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xml_signature[MAX_SIGNATURE_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:135:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_signature[MAX_SIGNATURE_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char open_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:244:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char master_url[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char project_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:259:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user_friendly_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char app_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:302:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char platform[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plan_class[64];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:304:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char api_version[16];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:309:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_prefix[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:320:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char graphics_exec_path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:321:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char graphics_exec_file[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:330:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char missing_coproc_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:367:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char app_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cpu_sched.cpp:1473:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err_msg[4096];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:202:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char attr_buf[256], venue[256], path[MAXPATHLEN], buf2[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:292:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:461:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN], canonical_master_url[256], auth[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:574:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_apps.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error_str[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:130:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *file_names[2] = {"do_fp", "do_int"};

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_benchmark.cpp:365:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(desc.filename, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:158:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else exit_after_app_start_secs = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:172:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else file_xfer_giveup_period = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:175:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else cmdline_gui_rpc_port = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:187:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else master_fetch_interval = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:190:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else master_fetch_period = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:193:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else master_fetch_retry_cap = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:204:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else pers_giveup = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:207:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else pers_retry_delay_max = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:210:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else pers_retry_delay_min = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:220:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else retry_cap = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:229:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else sched_retry_delay_max = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:232:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else sched_retry_delay_min = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cksum[64], pathname[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:195:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gzpath[MAXPATHLEN+16];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:420:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN], from_path[MAXPATHLEN+16], to_path[MAXPATHLEN+16];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:103:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(buf, "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char day_name[64], month_name[64];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:456:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:503:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:510:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:616:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:622:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:631:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:668:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:757:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:775:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:789:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:801:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:832:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(file_name, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:860:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:863:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:993:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(NOTICES_DIR"/feeds.xml", "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:1002:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.h:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.h:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url_base[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.h:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char project_name[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:239:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f=fopen(exe64,"r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_platforms.cpp:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[3];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:540:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:646:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(override_fname, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:83:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:171:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fprefs = fopen(GLOBAL_PREFS_FILE_NAME, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:563:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024], filename[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:576:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, "rb");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:1200:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:129:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(fname, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:607:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char win_error_msg[4096];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:619:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = mf.open(STATE_FILE_NEXT, "wc");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:621:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = mf.open(STATE_FILE_NEXT, "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:841:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:848:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:871:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *p, *q, result_name[256], fname[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:72:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  t = atoi(p+1);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN], fname[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_name[256], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:151:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/current_version.cpp:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/current_version.cpp:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/current_version.cpp:197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256], new_version[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.cpp:107:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (Ptr_Glob->variant.var_1.Str_Comp, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.cpp:109:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (Str_1_Loc, "DHRYSTONE PROGRAM, 1'ST STRING"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.cpp:131:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (Str_2_Loc, "DHRYSTONE PROGRAM, 2'ND STRING"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.cpp:147:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (Str_2_Loc, "DHRYSTONE PROGRAM, 3'RD STRING"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.h:9:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
typedef char Str_30[31]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.h:20:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Str_Comp [31]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/dhrystone.h:24:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Str_2_Comp [31]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[std::max(len,MAXPATHLEN)]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[std::max(len,MAXPATHLEN)]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char url[std::max(len,MAXPATHLEN)]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[std::max(len,MAXPATHLEN)]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[std::max(len,MAXPATHLEN)]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAXPATHLEN], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:237:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char init_data_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_xfer.cpp:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_xfer.cpp:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_xfer.h:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_xfer.h:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_amd.cpp:466:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:107:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char client_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:619:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char quoted_data_dir[MAXPATHLEN+2]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:620:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:637:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char execpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:699:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[200]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_detect.cpp:701:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[200]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char driver_string[81]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:375:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "NVIDIA drivers present but no GPUs found"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:382:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "cuDriverGetVersion() returned %d", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:391:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "cuDeviceGetCount() returned %d", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:403:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "cuDeviceGet(%d) returned %d", j, retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:409:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "cuDeviceGetName(%d) returned %d", j, retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_nvidia.cpp:554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:153:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vers[100], *p1 = NULL; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:167:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). major = atoi(vers); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:170:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). minor = atoi(p1+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:194:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform_version[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform_vendor[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:196:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:627:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:628:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:729:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1103:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(op.vendor, "ARM"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1111:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(op.extensions, "cl_khr_global_int32_base_atomics cl_khr_global_int32_extended_atomics cl_khr_local_int32_base_atomics cl_khr_local_int32_extended_atomics cl_khr_byte_addressable_store cl_khr_3d_image_writes cl_khr_fp64 cl_khr_int64_base_atomics cl_khr_int64_extended_atomics cl_khr_fp16 cl_khr_gl_sharing cl_khr_icd cl_khr_egl_event cl_khr_egl_image cl_khr_image2d_from_buffer cl_arm_core_id cl_arm_printf cl_arm_thread_limit_hint cl_arm_non_uniform_work_group_size cl_arm_import_memory"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1116:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(op.opencl_platform_version, "OpenCL 1.2 v1.r14p0-01rel0.0fe2d25ca074016740f8ab3fb451b151"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1117:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(op.opencl_device_version, "OpenCL 1.2 v1.r14p0-01rel0.0fe2d25ca074016740f8ab3fb451b151"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1118:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(op.opencl_driver_version, "1.2"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opencl_name[256], iokit_name[256], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1245:58: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strlcpy(iokit_name, (char *)CFDataGetBytePtr(modelName[j]), sizeof(iokit_name)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:1253:79: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ati_opencls[ati_gpu_index].name, (char *)CFDataGetBytePtr(modelName[j]) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:129:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(GUI_RPC_PASSWD_FILE, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:153:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(GUI_RPC_PASSWD_FILE, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:201:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(REMOTEHOST_FILE_NAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:256:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(&addr.sun_path[1], "edu_berkeley_boinc_client_socket"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:388:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.h:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request_msg[GUI_RPC_REQ_MSG_SIZE+1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nonce[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.h:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char password[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:89:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nonce, "%f", dtime()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nonce_hash[256], nonce_hash_correct[256], buf2[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:177:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:577:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[65536]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[65536]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char screensaverLoginUser[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1352:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidString[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char screensaverLoginUser[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char switcher_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1472:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("/Library/Application Support/BOINC Data/Branding", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1534:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char theSlot[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1535:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(theSlot, "%d", slot); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1598:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char salt[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1606:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], my_hash[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1644:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char auth_hash[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1747:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alt_req_tag[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1902:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
int n = atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1969:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:2015:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:2103:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dist_pretty[256], dist_name[256], dist_version[256], dist_codename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256+MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:232:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char path[64] = ""; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:236:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fapm = fopen("/proc/apm", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:254:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). facpi = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:261:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). facpi = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:272:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:283:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsys = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:308:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* fapm = fopen("/proc/apm", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:311:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char apm_driver_version[11]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:333:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *facpi = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:336:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:350:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fsys = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:420:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:422:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("/proc/meminfo", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:451:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], features[P_FEATURES_SIZE], model_buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:459:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char implementer[32] = {0}, architecture[32] = {0}, variant[32] = {0}, cpu_part[32] = {0}, revision[32] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:462:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:464:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("/proc/cpuinfo", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:570:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). family = atoi(testc); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:583:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). family = atoi(buf+strlen("cpu family\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:588:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). model = atoi(buf+strlen("model\t\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:592:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). model = atoi(buf+strlen("model : ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:597:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stepping = atoi(buf+strlen("stepping\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:669:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Family %d ", family); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:673:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Model %d ", model); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:677:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "Stepping %d", stepping); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:726:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vendor[13]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:728:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char capabilities[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:738:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vendor, &p[1], 4); // copy EBX data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:739:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vendor+4, &p[3], 4); // copy EDX data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:740:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vendor+8, &p[2], 4); // copy ECX data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:766:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:782:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brand_string[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char features[P_FEATURES_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:859:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char brand_string[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:888:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[49]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:898:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name, &nameInfo.regs.eax, 4); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:899:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(name + 4, &nameInfo.regs.ebx, 4); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:900:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name + 8, &nameInfo.regs.ecx, 4); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:901:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name + 12, &nameInfo.regs.edx, 4); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:942:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *kFeatures[32] = { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:955:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[12]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:968:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *kFeatures2[32] = { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1083:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXPATHLEN+35]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1084:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1193:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("/sys/devices/system/cpu/present", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] = ""; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1452:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dist_name[256], dist_version[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1467:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_osrelease, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1477:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_redhatrelease, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devname[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1584:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1735:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tty[5 + sizeof u->ut_line + 1] = "/dev/"; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1759:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ufp = fopen(UTMP_LOCATION, "r")) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1761:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ufp = fopen(UTMP_FILE, "r")) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1763:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ufp = fopen(_PATH_UTMP, "r")) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1765:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ufp = fopen("/etc/utmp", "r")) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:153:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024] = ""; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:205:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dist_pretty[256], dist_name[256], dist_version[256], dist_codename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:353:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], features[1024], model_buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:362:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char implementer[32] = {0}, architecture[32] = {0}, variant[32] = {0}, cpu_part[32] = {0}, revision[32] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_vendor[256], p_model[256], product_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char os_name[256], os_version[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:372:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("/proc/cpuinfo", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:472:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
family = atoi(testc); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:486:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). family = atoi(buf+strlen("cpu family\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:491:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). model = atoi(buf+strlen("model\t\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:495:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). model = atoi(buf+strlen("model : ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:500:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stepping = atoi(buf+strlen("stepping\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:573:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "Family %d ", family); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:577:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Model %d ", model); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:581:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Stepping %d", stepping); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dist_pretty[256], dist_name[256], dist_version[256], dist_codename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:682:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_osrelease, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:692:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_redhatrelease, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVersion[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSKU[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:341:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szServicePack[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:870:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szProductType[80]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:1302:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vendor_name[256], processor_name[256], features[P_FEATURES_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:1376:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char szInstallDir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:1377:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szVersion[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char default_wsl_guid[buf_len]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:50:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wsl_guid[buf_len]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:68:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wsl_name[buf_len]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:112:21: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). const int len = MultiByteToWideChar(CP_ACP, 0, s.c_str(), slength, 0, 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:114:5: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). 
MultiByteToWideChar(CP_ACP, 0, s.c_str(), slength, buf, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[bufsize]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], ostype_found[256], osrelease_found[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:270:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wsl_dist_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:271:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wsl_dist_version[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:64:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char g_user_agent_string[256] = {""}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:79:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:135:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, (void*)(phop->req1 + phop->lSeek), stRead); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdr[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048], *p = buf; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:378:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char noproxy[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:427:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:496:9: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH-1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:1181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_curl_ca_bundle_location[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char m_curl_user_credentials[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request_header[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.h:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_msg[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char t[256], app_name[256], dev[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:173:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(REMOTEHOST_FILE_NAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:178:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/mac_address.cpp:138:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "%02x:%02x:%02x:%02x:%02x:%02x", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/mac_address.cpp:166:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(address, "%02x:%02x:%02x:%02x:%02x:%02x", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/mac_address.cpp:201:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char evt_msg[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char evt_msg[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char evt_msg[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:468:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char commandLine[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:469:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char execpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/net_stats.cpp:336:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(DAILY_XFER_HISTORY_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/net_stats.cpp:384:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(TEMP_FILE_NAME, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/pers_file_xfer.cpp:97:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:189:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:373:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char un[2048], tn[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:725:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link_path[MAXPATHLEN], file_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:945:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _project_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _project_dir_absolute[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char authenticator[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host_venue[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char symstore[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:92:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char email_hash[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cross_project_id[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char external_cpid[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.h:205:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char code_sign_key[MAX_KEY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project_list.cpp:50:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(ALL_PROJECTS_LIST_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:449:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:461:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:462:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, "%d", cp.device_nums[coproc_indices[i]]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:573:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:575:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "ab"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wu_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plan_class[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resources[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char schedule_backoff_reason[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:237:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.h:238:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rr_sim.cpp:313:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rr_sim.cpp:551:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rrsim_test.cpp:34:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rrsim_test.cpp:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/rrsim_test.cpp:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char util_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command [1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:313:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAXPATHLEN], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char err_msg[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request_file[1024], reply_file[1024], buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:329:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:330:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char master_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:466:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:588:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], msg_buf[1024], pri_buf[256], attr_buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.h:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scheduler_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.h:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.h:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char host_venue[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:97:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:344:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:456:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "got %lu tasks<br>", new_results.size()); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:836:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:862:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<td>%d</td>", rp->coproc_indices[0]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:901:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:904:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). html_out = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gp_fname[256], cmd[256], png_fname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1037:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen(gp_fname, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1060:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1062:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1422:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(buf, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1511:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
f = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1515:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1592:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). index_file = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1595:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfile = fopen(log_filename, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1603:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
rec_file = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim.cpp:1606:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). summary_file = fopen(buf, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:59:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:65:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, "1 day "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:67:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, "%d days ", n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char message[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char boinc_project_user_name[256], boinc_project_group_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char boinc_master_user_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char libpath[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char newlibs[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:60:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(boinc_project_user_name, "boinc_project"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:61:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(boinc_project_group_name, "boinc_project"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:62:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(boinc_master_user_name, "boinc_master"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:132:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(INIT_DATA_FILE, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:148:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(newlibs, ":/usr/local/cuda/lib/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/switcher.cpp:190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sysmon_win.cpp:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024], buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sysmon_win.cpp:483:1: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szErr[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sysmon_win.cpp:691:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szMsg[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:124:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(TIME_STATS_LOG, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:126:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f2 = fopen(TEMP_TIME_STATS_FILE_NAME, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:146:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:164:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
time_stats_log = fopen(TIME_STATS_LOG, "a"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:226:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/time_stats.cpp:463:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). time_stats_log = fopen(TIME_STATS_LOG, "a"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:323:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], buf2[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:739:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:943:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:985:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/work_fetch.cpp:1273:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/AdvancedFrame.cpp:1478:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/AdvancedFrame.cpp:1479:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCClientManager.cpp:268:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCClientManager.cpp:269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[5]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCClientManager.cpp:291:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, "/Contents/Resources/boinc"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char displayName[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:314:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path_to_error[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:740:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH-1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:753:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:771:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH-1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:784:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:808:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
TCHAR szPath[MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgDiagnosticLogFlags.cpp:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgDiagnosticLogFlags.cpp:197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgEventLog.cpp:1068:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1604:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
slot = atoi(p+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char currentDir[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1708:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thePIDbuf[20]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1824:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). slot = atoi(p+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1852:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathToCoRD[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.h:124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char m_szLanguage[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:243:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:391:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:747:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:796:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:842:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:900:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p = fopen((const char*)ConstructSkinFileName().mb_str(wxConvUTF8), "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/SkinManager.cpp:1016:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/ViewWork.cpp:1229:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_ProjectPanel.cpp:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_ProjectPanel.cpp:544:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defaultIcnPath[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_ProjectPanel.h:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_ProjectPanel.h:73:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char m_CurrentSelectedProjectURL[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskPanel.cpp:880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proj_dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskPanel.cpp:881:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileName[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskPanel.cpp:882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolvedFileName[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskPanel.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskPanel.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char project_url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/Mac_Saver_Module.h:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gUserName[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/Mac_Saver_Module.h:100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_gfx_Switcher_Path[PATH_MAX];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/Mac_Saver_Module.h:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_gfx_Cleanup_Path[PATH_MAX];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/Mac_Saver_Module.h:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_MessageText[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user_name[256], group_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gfx_app_path[MAXPATHLEN], resolved_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char current_dir[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:191:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shmem_name[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:249:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shmem_name[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:267:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pid = atoi(argv[2]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:320:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/gfx_switcher.cpp:323:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen("/Users/Shared/test_log_gfx_switcher.txt", "a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:107:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char passwd_buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:108:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gUserName[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:199:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:309:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char saved_dir[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:445:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boincPath[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:471:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(boincPath, "/Contents/Resources/boinc");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:480:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(boincPath, "/Contents/Resources/boinc");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:490:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:932:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:939:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("/Library/Application Support/BOINC Data/Branding", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:945:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, "/Contents/Resources/Branding");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:946:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(buf, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:962:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("//Library/Application Support/BOINC Data/lockfile", O_RDONLY);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:1110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:1117:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(buf, "a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:359:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char current_dir[PATH_MAX];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:360:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gfx_pid[16];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:369:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(gfx_pid, "%d", graphics_application);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:503:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char full_path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:581:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char full_path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:603:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shmem_name[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:1034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:380:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR strMsg[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:1305:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szError[400];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:1465:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szError[400];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:1893:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR szError[400];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:41:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR strDeviceName[128];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:42:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR strMonitorName[128];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:68:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR DeviceName[32];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:69:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR DeviceString[128];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:71:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR DeviceID[128];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:72:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR DeviceKey[128];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:123:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR m_szError[400]; // Error message text
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.h:256:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TCHAR m_strWindowTitle[200]; // Title for the app's window
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[256], buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[256], path[256], filename[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:193:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:218:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:223:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", i);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:282:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/ss_app.cpp:525:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("/Library/Application Support/BOINC Data/Branding", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:239:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:240:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:243:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  deprecated = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:286:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:287:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:289:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min_version = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:290:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  deprecated = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:292:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  homogeneous_redundancy = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:294:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  beta = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:295:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  target_nresults = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:297:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  host_scale_check = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:298:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  homogeneous_app_version = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:299:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  non_cpu_intensive = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:300:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  locality_scheduling = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:301:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n_size_classes = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:302:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fraction_done_exact = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:343:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:344:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:345:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  appid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:346:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  version_num = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:347:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  platformid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:349:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min_core_version = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:350:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_core_version = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:351:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  deprecated = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:358:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  beta = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:413:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:414:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:425:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
teamid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:428:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). send_email = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:429:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_hosts = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:436:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). has_profile = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:439:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). email_validated = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:440:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
donated = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:457:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). userid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:502:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:503:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). create_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:504:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). userid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:508:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
type = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:511:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nusers = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:611:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:612:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). create_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:613:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). userid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:614:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
rpc_seqno = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:615:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rpc_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:619:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timezone = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:623:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nsame_ip_addr = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:629:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). p_ncpus = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:649:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
nresults_today = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:653:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). _max_results_day = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:660:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BLOB_SIZE], updates[BLOB_SIZE], query[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:663:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " avg_turnaround=%.15e,", avg_turnaround); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:668:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " error_rate=%.15e,", error_rate); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:673:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " total_credit=total_credit+%.15e,", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:679:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, " expavg_credit=%.15e,", expavg_credit); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:683:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " expavg_time=%.15e,", expavg_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:688:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " credit_per_cpu_sec=%.15e,", credit_per_cpu_sec); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:704:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BLOB_SIZE], updates[BLOB_SIZE], query[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:707:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " rpc_seqno=%d,", rpc_seqno); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:711:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " rpc_time=%d,", rpc_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:715:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " timezone=%d,", timezone); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:737:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " nsame_ip_addr=%d,", nsame_ip_addr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:741:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " on_frac=%.15e,", on_frac); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:745:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " connected_frac=%.15e,", connected_frac); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:749:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " active_frac=%.15e,", active_frac); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:753:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " cpu_efficiency=%.15e,", cpu_efficiency); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:757:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " duration_correction_factor=%.15e,", duration_correction_factor); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:761:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, " p_ncpus=%d,", p_ncpus); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:777:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " p_fpops=%.15e,", p_fpops); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:781:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " p_iops=%.15e,", p_iops); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:785:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " p_membw=%.15e,", p_membw); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:801:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " m_nbytes=%.15e,", m_nbytes); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:805:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " m_cache=%.15e,", m_cache); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:809:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " m_swap=%.15e,", m_swap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:813:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, " d_total=%.15e,", d_total); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:817:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " d_free=%.15e,", d_free); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:821:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " d_boinc_used_total=%.15e,", d_boinc_used_total); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:825:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " d_boinc_used_project=%.15e,", d_boinc_used_project); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:829:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " d_boinc_max=%.15e,", d_boinc_max); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:833:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " n_bwdown=%.15e,", n_bwdown); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:837:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " n_bwup=%.15e,", n_bwup); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:847:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, " nresults_today=%d,", nresults_today); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:851:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " avg_turnaround=%.15e,", avg_turnaround); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:868:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " max_results_day=%d,", max_results_day); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:879:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " gpu_active_frac=%.15e,", gpu_active_frac); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:883:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " p_ngpus=%d,", p_ngpus); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:887:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " p_gpu_fpops=%.15e,", p_gpu_fpops); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:899:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:903:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(query, "where expavg_credit>10"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:908:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:917:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:924:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:925:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:941:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
hostid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1044:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1045:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). create_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1046:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). appid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1049:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). batch = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1054:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
need_validate = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1055:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). canonical_resultid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1057:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). transition_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1058:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). delay_bound = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1059:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). error_mask = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1060:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
file_delete_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1061:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). assimilate_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1062:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hr_class = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1064:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min_quorum = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1065:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). target_nresults = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1066:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
max_error_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1067:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_total_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1068:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_success_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1070:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). priority = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1073:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fileset_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1074:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
app_version_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1075:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). transitioner_flags = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1076:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size_class = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1078:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). app_version_num = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1082:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1091:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
  userid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1092:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunitid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1173:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1194:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1195:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1196:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunitid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1197:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  server_state = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1198:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  outcome = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1199:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  client_state = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1200:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hostid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1201:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  userid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1202:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  report_deadline = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1203:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sent_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1204:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  received_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1210:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  batch = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1211:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file_delete_state = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1212:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  validate_state = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1216:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  random = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1217:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  app_version_num = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1218:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  appid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1219:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  exit_status = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1220:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  teamid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1221:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  priority = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1225:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  app_version_id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1226:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  runtime_outlier = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1227:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  size_class = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1237:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1242:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1266:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1273:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1284:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int sc = atoi(row[0]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1285:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int count = atoi(row[1]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1337:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1338:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1339:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hostid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1341:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  handled = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1363:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1364:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1365:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hostid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1367:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  handled = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1372:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1391:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1392:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  create_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1393:17: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  target_id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1394:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  target_type = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1395:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  multi = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1396:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunitid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1397:17: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  _resultid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[1024], clause[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1409:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1415:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clause,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[8192], clause[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1440:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1466:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clause,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1474:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1511:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  host_id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1512:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  app_version_id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1519:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_jobs_per_day = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1520:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n_jobs_today = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1525:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  consecutive_valid = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1529:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1546:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  user_id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1549:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  submit_all = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1550:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  manage_all = (atoi(r[i++]) != 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1554:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1583:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  appid = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1584:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  last_update_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1585:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result_server_state_2 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1586:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result_server_state_4 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1587:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result_file_delete_state_1 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1588:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result_file_delete_state_2 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1589:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result_server_state_5_and_file_delete_state_0 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1590:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunit_need_validate_1 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1591:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunit_assimilate_state_1 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1592:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunit_file_delete_state_1 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1593:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workunit_file_delete_state_2 = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1599:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  id = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1601:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  appid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1602:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min_quorum = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1603:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  need_validate = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1604:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  canonical_resultid = atol(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1605:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  transition_time = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1606:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  delay_bound = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1607:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  error_mask = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1608:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_error_results = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1609:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_total_results = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1610:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  file_delete_state = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1611:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  assimilate_state = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1612:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  target_nresults = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1614:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  priority = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1615:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hr_class = atoi(r[i++]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1616:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
batch = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1617:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). app_version_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1618:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). transitioner_flags = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1619:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size_class = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1643:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1644:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char mod_clause[256];; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1645:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char time_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1650:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(time_clause, " wu.transition_time < %d ", transition_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1656:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_clause, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1661:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_clause, " and wu.id = %u ", wu_id_remainder); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1662:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(time_clause, " true "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1764:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1766:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1784:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char updates[4096], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1788:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " need_validate=%d,", ti.need_validate); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1792:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " error_mask=%d,", ti.error_mask); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1796:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " assimilate_state=%d,", ti.assimilate_state); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1800:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " file_delete_state=%d,", ti.file_delete_state); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1807:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " transition_time=if(transition_time=%d,%d,%d),", ti_original.transition_time, ti.transition_time, (int)time(NULL)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1811:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " hr_class=%d,", ti.hr_class); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1815:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " app_version_id=%lu,", ti.app_version_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1834:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1836:29: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
wu.canonical_resultid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1838:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.min_quorum = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1839:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.assimilate_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1840:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.transition_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1842:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.batch = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1843:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
wu.target_nresults = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1844:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.max_success_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1845:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.error_mask = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1849:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1850:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.workunitid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1852:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
res.validate_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1853:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.server_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1854:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.outcome = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1860:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.batch = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1862:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.exit_status = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1863:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
res.hostid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1864:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.userid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1865:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.teamid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1866:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.sent_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1867:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.received_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1868:17: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
res.appid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1869:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.app_version_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1870:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.app_version_num = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1873:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.app_version_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1874:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.runtime_outlier = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1884:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char query[MAX_QUERY_LEN], mod_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1885:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char main_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1890:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(main_clause, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1898:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_clause, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1903:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_clause, " and wu.id = %u ", wu_id_remainder); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1910:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_clause+(strlen(mod_clause)), " and wu.id >= %lu", wu_id_min); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1913:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(mod_clause+(strlen(mod_clause)), " and wu.id <= %lu", wu_id_max); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2015:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2017:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2036:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2038:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2060:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2061:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res_priority = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2062:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res_server_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2064:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2065:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.create_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2066:16: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.appid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2069:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.batch = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2074:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.need_validate = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2075:29: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.canonical_resultid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2077:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.transition_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2078:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.delay_bound = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2079:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.error_mask = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2080:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.file_delete_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2081:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.assimilate_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2082:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.hr_class = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2084:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.min_quorum = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2085:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.target_nresults = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2086:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.max_error_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2087:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.max_total_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2088:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.max_success_results = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2090:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.priority = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2093:21: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.fileset_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2094:25: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.app_version_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2095:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.transitioner_flags = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2096:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu.size_class = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2098:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
wu.app_version_num = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2200:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). error_mask = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2201:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). assimilate_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2202:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
server_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2203:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). outcome = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2248:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2250:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). workunitid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2251:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
appid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2252:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2253:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hostid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2254:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). userid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2255:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sent_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2256:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
received_time = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2257:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). validate_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2258:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). outcome = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2259:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2260:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file_delete_state = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2261:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
app_version_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2348:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2403:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2407:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2416:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%lu", results[i].workunitid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2437:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2450:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2455:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char where_clause[MAX_QUERY_LEN] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2472:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fileset_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2473:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2486:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2487:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fileset_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2488:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). need_work = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2489:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). work_available = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2490:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). no_work_available = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2491:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
working_set_removal = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char column_clause[MAX_QUERY_LEN] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2592:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fileset.id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2594:18: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trigger.id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2595:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
trigger.fileset_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2596:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trigger.need_work = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2597:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trigger.work_available = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2598:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trigger.no_work_available = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2599:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trigger.working_set_removal = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2608:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char where_clause[MAX_QUERY_LEN] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2609:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[MAX_QUERY_LEN] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2620:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char state_filter[MAX_QUERY_LEN] = {0}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2738:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2744:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). need_update = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2745:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
initialized = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2746:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). retrieving = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2747:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). retrieved = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2777:19: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). vda_file_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2778:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). host_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2780:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
present_on_host = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2781:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). transfer_in_progress = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2782:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). transfer_wait = (atoi(r[i++]) != 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2790:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2792:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2805:16: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
badge_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2806:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). user_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2814:16: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). badge_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2815:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team_id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2821:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2842:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). userid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2843:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). appid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2844:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). njobs = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2848:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). credit_type = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2852:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2873:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). teamid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2874:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
appid = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2875:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). njobs = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2879:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). credit_type = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2902:10: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atol(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2905:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). enabled = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2906:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
project_specific = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2907:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). privacypref = atoi(r[i++]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_template_file[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char res_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:346:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char result_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char queried_name[256]; // name as reported by client data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:367:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:380:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xml_doc_out[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:381:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stderr_out[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:415:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[254]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5sum[34]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.h:433:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[254]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; // i.e. "sparc-sun-solaris" data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user_friendly_name[256]; // i.e. "SPARC Solaris 2.8" data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
    char name[256]; // application name, preferably short
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:72:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char user_friendly_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:110:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char xml_doc[APP_VERSION_XML_BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:132:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char plan_class[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:164:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char email_addr[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:165:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:166:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char authenticator[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:167:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char country[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:168:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char postal_code[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:172:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char global_prefs[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:174:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char project_prefs[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:190:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char venue[256]; // home/work/school (default)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:191:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char url[256]; // user's web page if any
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:204:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char signature[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:209:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char cross_project_id[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:213:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char passwd_hash[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:216:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char login_token[32];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:218:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char previous_email_addr[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:225:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char public_cross_project_id[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:245:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:246:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name_lc[256]; // Team name in lowercase (used for searching)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:247:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:249:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name_html[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:250:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char description[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:252:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char country[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:283:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char domain_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:284:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char serialnum[256]; // textual description of coprocessors
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:285:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char last_ip_addr[256]; // internal IP address as of last RPC
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:297:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char p_vendor[256]; // Vendor name of CPU
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:298:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char p_model[256]; // Model of CPU
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:304:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char os_name[256]; // Name of operating system
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:305:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char os_version[256]; // Version of operating system
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:342:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char venue[256]; // home/work/school
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:345:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char host_cpid[256]; // host cross-project ID
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:346:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char external_ip_addr[256]; // IP address seen by scheduler
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:360:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char product_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:370:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char p_features[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:371:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char virtualbox_version[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:396:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char public_cross_project_id[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:441:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:442:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char xml_doc[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:490:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char result_template_file[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:492:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char mod_time[20];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:504:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char keywords[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:603:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:605:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char xml_doc_in[BLOB_SIZE]; // descriptions of output files
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:606:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char xml_doc_out[BLOB_SIZE]; // MD5s of output files
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:607:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char stderr_out[BLOB_SIZE]; // stderr output, if any
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:621:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char mod_time[20];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:671:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:676:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char description[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:698:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char variety[256]; // project-defined; what kind of msg
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:700:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char xml[MSG_FROM_HOST_BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:708:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char variety[256]; // project-defined; what kind of msg
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:710:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char xml[MSG_TO_HOST_BLOB_SIZE]; // text to include in sched reply
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:767:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char dir[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:768:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char file_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:782:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char physical_file_name[256]; // e.g. vda_467_0_file.ext
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:806:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:807:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char title[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:808:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char description[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:809:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char image_url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:810:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char level[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:811:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tags[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:812:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sql_rule[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:857:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char shortname[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db_types.h:858:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char description[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:40:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    int DB_CONN::open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:76:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char host[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:82:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    port = atoi(p+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:110:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:165:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int x = atoi(row[0]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:204:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char vals[MAX_QUERY_LEN*2], query[MAX_QUERY_LEN*2];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:223:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:246:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char vals[MAX_QUERY_LEN], query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:259:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:275:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:281:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:287:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:302:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    vals[i] = atoi(row[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:311:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:333:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:341:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:360:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:374:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:431:13: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    n = atol(row[0]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:457:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:465:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.cpp:480:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.h:33:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    return atoi(s);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.h:38:12: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    return atol(s);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/db_base.h:69:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
int open(char* name, char* host, char* user, char* passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:72:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&shmem_seg_name, &a.shmem_seg_name, sizeof(SHMEM_SEG_NAME)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:465:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512], *p; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:499:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512], *p; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:521:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], physical_name[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:543:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MSG_CHANNEL_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:132:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char SHMEM_SEG_NAME[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char symstore[256]; // symstore URL (Windows) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char acct_mgr_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_dir[256]; // where project files are stored on host data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char boinc_dir[MAXPATHLEN]; // BOINC data directory data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wu_name[256]; // workunit name data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:160:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char authenticator[256]; // user's authenticator data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.h:193:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gpu_type[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/base64.cpp:33:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char base64_value_to_char[64] = data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:29:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *fopen(const char *path, const char *mode) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZ]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:30:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #undef fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:53:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *fopen(const char *path, const char *mode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.cpp:709:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.cpp:738:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.cpp:778:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.cpp:805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.h:226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.h:239:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.h:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plan_class[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cc_config.h:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.cpp:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.cpp:138:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(filename, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.cpp:140:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f = FCGI::fopen(filename, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.cpp:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tag[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char signature[MAX_CERT_SIG_LEN]; // RSA signature expected. data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.h:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subject[MAX_SUBJECT_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.h:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hash[9]; // 8 + '\0'... data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/common_defs.h:346:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:163:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). device_nums[i++] = atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:308:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vers[256], cuda_vers[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:439:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:474:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prop.maxThreadsDim[0] = atoi(buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:478:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prop.maxThreadsDim[1] = atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:482:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prop.maxThreadsDim[2] = atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:488:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prop.maxGridSize[0] = atoi(buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:492:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prop.maxGridSize[1] = atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:496:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
prop.maxGridSize[2] = atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[256]; // must be unique data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[256]; // must be unique data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:248:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:330:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[50]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[50]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:454:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c.type, "CPU"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.h:518:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c.type, "CPU"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:91:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(p, ".\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:292:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5_buf[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5_buf[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:328:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char signature_buf[SIGNATURE_SIZE_BINARY]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clear_buf[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:374:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char signature_buf[SIGNATURE_SIZE_BINARY]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5_buf[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:399:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char signature_buf[SIGNATURE_SIZE_BINARY]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clear_buf[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:435:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* fkey = fopen(keyfile, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:437:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE* fkey = FCGI::fopen(keyfile, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:720:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5_md[MD5_DIGEST_LENGTH], rbuf[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:739:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:741:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:759:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char md5_md[MD5_DIGEST_LENGTH], rbuf[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:760:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:761:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuf[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:797:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(fbuf, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:799:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f = FCGI::fopen(fbuf, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:41:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char modulus[MAX_RSA_MODULUS_LEN]; /* modulus */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:42:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char exponent[MAX_RSA_MODULUS_LEN]; /* public exponent */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:47:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char modulus[MAX_RSA_MODULUS_LEN]; /* modulus */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:48:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char publicExponent[MAX_RSA_MODULUS_LEN]; /* public exponent */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:49:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char exponent[MAX_RSA_MODULUS_LEN]; /* private exponent */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:50:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char prime[2][MAX_RSA_PRIME_LEN]; /* prime factors */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:51:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char primeExponent[2][MAX_RSA_PRIME_LEN]; /* exponents for CRT */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:52:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char coefficient[MAX_RSA_PRIME_LEN]; /* CRT coefficient */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.h:67:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:98:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[32]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:107:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen("/dev/random", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:125:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char signature_buf[256], buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cbuf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:151:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(argv[2]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:165:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen(argv[3], "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:167:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fpub = fopen(argv[4], "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:179:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:193:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:205:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpub = fopen(argv[4], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:209:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:218:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char md5_buf[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:237:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen(argv[2], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:241:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpub = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:247:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char*)buf2, "encryption test successful"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:260:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:290:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
f = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:296:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(argv[4], "w+"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:301:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(argv[3], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:307:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(argv[4], "w+"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:349:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen(argv[4], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:368:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fpriv = fopen(argv[5], "w+"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:381:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpub = fopen(argv[4], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:388:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpub = fopen(argv[5], "w+"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:407:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen (argv[4], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:416:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpriv = fopen(argv[5], "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:422:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fpub = fopen (argv[4], "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:433:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpub = fopen(argv[5], "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/daemonmgt_win.cpp:235:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH+1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/daemonmgt_win.cpp:236:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szExe[MAX_PATH+1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/daemonmgt_win.cpp:332:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH+1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/daemonmgt_win.cpp:333:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
TCHAR szExe[MAX_PATH+1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:88:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char stdout_log[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:89:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char stdout_archive[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:91:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char stderr_log[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:92:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char stderr_archive[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:94:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char boinc_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:95:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char boinc_install_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:97:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char boinc_proxy[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:98:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char symstore[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:288:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user_dir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:452:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:453:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proxy_address[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:468:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p = fopen(INIT_DATA_FILE, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:470:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p = FCGI::fopen(INIT_DATA_FILE, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:747:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[20]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:796:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mbuf[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:829:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[DUMP_LINE_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:897:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char szBuffer[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:898:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char szDate[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:899:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char szTime[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:965:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char szBuffer[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:966:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char szDate[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:967:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char szTime[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crash_message[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:597:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[4096 - sizeof(DWORD)]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1021:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char window_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1022:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char window_class[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szDate[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szTime[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1376:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char substatus[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1377:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char message[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:91:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char boinc_failed_file[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:160:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[MAXPATHLEN+1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:242:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:431:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAXPATHLEN], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:463:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[_MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:464:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path2[_MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAXPATHLEN], subdir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:532:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[_MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:533:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path2[_MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:564:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[MAXPATHLEN], subdir[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:606:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(path, mode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:608:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f = FCGI::fopen(path,mode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:632:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(path, mode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:634:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = FCGI::fopen(path, mode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:689:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *fp = fopen(path, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:691:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *fp = FCGI::fopen(path, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[2*MAXPATHLEN+5]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:722:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[65536]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:791:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXPATHLEN+MAXPATHLEN+1+7]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAXPATHLEN], oldpath[MAXPATHLEN], newpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:919:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:1017:14: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). int fd = mkstemp(temp_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:1040:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.h:70:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char boinc_failed_file[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.h:111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:268:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nonce[256], nonce_hash[256], buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:325:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8193]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:381:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], error_msg[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:419:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen(GUI_RPC_PASSWD_FILE, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:422:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:434:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* g = fopen(LINUX_CONFIG_FILE, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:436:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:447:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:474:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
f = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:484:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char venue[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char external_cpid[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:197:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user_friendly_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:211:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plan_class[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char exec_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:235:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wu_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char platform[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plan_class[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scheduler_wait_reason[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:298:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graphics_exec_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char web_graphics_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char remote_desktop_addr[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slot_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resources[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:649:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:650:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.h:651:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:669:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[65536]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1314:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[65536]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1449:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1492:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1497:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<get_results>\n<active_only>%d</active_only>\n</get_results>\n", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1518:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1542:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1565:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1598:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1661:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1700:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1734:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1762:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1810:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[768]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1830:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[768]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1874:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1894:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1914:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1934:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:1974:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2016:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1792]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2071:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2087:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[768]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[768]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2312:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2348:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2395:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1280]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2439:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2474:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2503:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2552:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2580:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2616:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2649:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2669:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2694:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2757:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:2789:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_print.cpp:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_print.cpp:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.cpp:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pv[265], pm[256], pf[P_FEATURES_SIZE], osn[256], osv[256], pn[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.cpp:254:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.cpp:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char domain_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:59:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char serialnum[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:60:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ip_addr[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:61:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host_cpid[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:64:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char p_vendor[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:65:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char p_model[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:66:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char p_features[P_FEATURES_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:80:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char os_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:81:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char os_version[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:89:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char product_name[256]; // manufacturer and/or model of system
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:90:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mac_address[256]; // MAC addr e.g. 00:00:00:00:00:00
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.h:95:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char virtualbox_version[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/keyword.cpp:108:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ids.push_back(atoi(p));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/keyword.cpp:112:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ids.push_back(atoi(p));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5.cpp:170:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(xbuf, data, 64);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5.cpp:321:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pms->buf + offset, p, copy);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5.cpp:335:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pms->buf, p, left);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:47:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:48:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char binout[16];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:54:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(path, "rb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:56:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = FCGI::fopen(path, "rb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:93:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(output+2*i, "%02x", binout[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:103:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char binout[16];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:114:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(output+2*i, "%02x", binout[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:121:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[MD5_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:130:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:148:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("/dev/random", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_file.cpp:150:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = FCGI::fopen("/dev/random", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/md5_test.cpp:6:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out[33];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mem_usage.cpp:46:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  using std::fopen;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mem_usage.cpp:82:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen("/proc/self/psinfo", "r")) != 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mem_usage.cpp:101:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen("/proc/self/stat", "r")) != 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mem_usage.cpp:102:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:46:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int MFILE::open(const char* path, const char* mode) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:70:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[BUFSIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:114:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( buf+len, ptr, size*nitems );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.h:40:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int open(const char* path, const char* mode);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:108:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, buf, n);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:134:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:151:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:97:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:101:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " [PID=%-5d]", pid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:117:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sprefix[256] = "";
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:144:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sprefix[256] = "";
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:152:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(filename, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:154:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = FCGI::fopen(filename, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.cpp:157:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_log.h:46:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char spaces[80];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/msg_test.cpp:36:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_text[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:52:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[80];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:112:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:167:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:180:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ip_addr, aip->ai_addr, aip->ai_addrlen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/network.cpp:227:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/notice.h:30:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/notice.h:35:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char category[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/notice.h:39:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char link[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/notice.h:41:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char project_name[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/notice.h:47:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char guid[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/notice.h:48:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char feed_url[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:266:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s1[256], s2[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:345:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s1[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:39:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256]; // Device name
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:40:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vendor[256]; // Device vendor (NVIDIA, ATI, AMD, etc.)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:48:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extensions[2048]; // List of device extensions
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:67:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char opencl_platform_version[64]; // Version of OpenCL supported
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:69:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char opencl_device_version[128]; // OpenCL version supported by device;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:75:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char opencl_driver_version[32]; // For example: "CLH 1.0"
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.h:100:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char platform_vendor[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:60:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag2[256], tag3[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:102:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, p, len);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:110:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempbuf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:135:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:172:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char start_tag[256], end_tag[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:228:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[4096], *p, *q;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:253:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[4096], *p;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:274:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:320:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *p;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:345:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *p;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:353:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(p, "<");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:356:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(p, "&");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:375:17: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(p, "]]>");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:449:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int ascii = atoi(in);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:507:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:547:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:565:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:636:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *end;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:638:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:671:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *end;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:673:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:706:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *end;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:708:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:741:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *end;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:743:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:776:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *end=0;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:778:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:811:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *end;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:813:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:847:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:873:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[TAG_BUF_LEN], end_tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:901:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char end_tag[TAG_BUF_LEN], buf[ELEMENT_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.h:49:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parsed_tag[TAG_BUF_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.h:297:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse_test.cpp:14:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse_test.cpp:15:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char foo[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse_test.cpp:20:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(name, "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse_test.cpp:26:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(foo, "xxx");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse_test.cpp:54:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("foo.xml", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/prefs.cpp:373:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[256], attrs[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/prefs.cpp:612:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/prefs.cpp:614:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = FCGI::fopen(filename, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/prefs.h:188:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char source_project[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/prefs.h:189:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char source_scheduler[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo.h:36:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_mac.cpp:54:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("/Library/Application Support/BOINC Data/Branding", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:70:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char comm[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidpath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:195:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen(pidpath, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:209:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen(pidpath, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_unix.cpp:224:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = fopen(pidpath, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/project_init.cpp:50:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(PROJECT_INIT_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/project_init.cpp:77:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(PROJECT_INIT_FILENAME, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/project_init.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/project_init.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/project_init.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char account_key[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s5un[2048], s5up[2048], hun[2048], hup[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:34:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char http_server_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char http_user_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char http_user_passwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char socks_server_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char socks5_user_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char socks5_user_passwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char noproxy_hosts[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.h:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char autodetect_server_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char error_msg[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:77:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* reply = fopen(dst_path, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:130:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf, "file_%d", i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:171:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<batch_id>%d</batch_id>\n", batch_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:179:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:231:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "<batch_id>%d</batch_id>\n", batch_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:239:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:298:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:332:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char app_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:337:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:357:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:393:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:415:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:491:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). 
FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:540:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<min_mod_time>%f</min_mod_time>\n", min_mod_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:548:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:668:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:674:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:748:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:753:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<batch_id>%d</batch_id>\n", batch_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:760:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:798:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:808:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:864:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:950:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char url[1024], job_name_esc[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:959:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:974:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:982:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1021:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1029:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1071:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char url[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1077:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<expire_time>%f</expire_time>\n", expire_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1081:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:1124:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE* reply = tmpfile(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logical_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char src_path[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char physical_name[256]; // BOINC physical name data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char job_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char src[256]; // logical name data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[256]; // name or path on submit host data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char job_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char app_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; // name of batch data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:200:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:228:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.h:245:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char batch_name[256], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/run_app_windows.cpp:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/run_app_windows.cpp:155:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(CLIENT_AUTH_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/run_app_windows.cpp:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/run_app_windows.cpp:228:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(CLIENT_AUTH_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/run_app_windows.cpp:545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmdline[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/run_app_windows.cpp:546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_msg[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char global_seg_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char global_seg_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:327:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDWR | O_CREAT, 0666); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/shmem.cpp:369:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDWR); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szSymbolType[32]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szQuery[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char szVersionInfo[24]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szCompanyName[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szProductName[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFileVersion[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:211:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szProductVersion[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:293:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(szQuery, "\\StringFileInfo\\%04x%04x\\CompanyName", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:307:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(szQuery, "\\StringFileInfo\\%04x%04x\\ProductName", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:321:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(szQuery, "\\StringFileInfo\\%04x%04x\\FileVersion", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:333:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(szQuery, "\\StringFileInfo\\%04x%04x\\ProductVersion", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:626:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[TTBUFLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:703:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char undName[MAX_SYM_NAME]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:705:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char szMsgSymFromAddr[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:706:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szMsgSymGetLineFromAddr[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:707:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szMsgSymGetModuleInfo[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:83:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #undef fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:85:8: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). #undef tmpfile data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:90:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #undef open data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:94:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *fopen(const char *, const char *); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:96:7: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE *tmpfile(void); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:101:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int open(const char *, int, mode_t mode=0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:105:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inline FILE *fopen(const char *path, const char *mode) { return fopen64(path, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:109:14: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). inline FILE *tmpfile(void) {return tmpfile64();} data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/std_fixes.h:114:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inline int open(const char *filename, int flags, mode_t mode) { return open64(filename,flags,mode); } data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:60:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(dst, src, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:75:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dst[dst_len], src, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char needle[1024], haystack[1024], *p=NULL; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char year_buf[64], day_buf[16], hour_buf[16], min_buf[16], sec_buf[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:140:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( year_buf, "%.3f yr ", years ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:142:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( year_buf, "%d yr ", (int)years ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:156:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf( hour_buf, "%.2f hr ", hours ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:158:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( hour_buf, "%d hr ", (int)hours ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:164:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( min_buf, "%.2f min ", minutes ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:166:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( min_buf, "%d min ", (int)minutes ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:172:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( sec_buf, "%.2f sec ", seconds ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:174:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( sec_buf, "%d sec ", (int)seconds ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:195:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%uh%02um%02us%02u", h, m, s, f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:202:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:210:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f/%0.2f TB", nbytes/xTera, total_bytes/xTera); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:212:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f/%0.2f GB", nbytes/xGiga, total_bytes/xGiga); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:214:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f/%0.2f MB", nbytes/xMega, total_bytes/xMega); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:216:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f/%0.2f KB", nbytes/xKilo, total_bytes/xKilo); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:218:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.0f/%0.0f bytes", nbytes, total_bytes); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:222:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "%0.2f TB", nbytes/xTera); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:224:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f GB", nbytes/xGiga); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:226:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f MB", nbytes/xMega); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:228:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.2f KB", nbytes/xKilo); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:230:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%0.0f bytes", nbytes); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:406:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:418:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char buf[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char finer[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:431:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(finer, ".%04d", hundreds_of_microseconds); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:443:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "00:00:%02d", sex); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:450:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "00:%02d:%02d", min, sex); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:457:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%02d:%02d:%02d", hours, min, sex); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:461:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf, "%d days %02d:%02d:%02d", tdiff, hours, min, sex); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:470:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p, "%4d%02d%02d%02d%02d%02d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:629:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:630:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Error %d", which_error); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/translate.cpp:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char languageCode[32]; // language code (e.g., "it_IT") data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/translate.cpp:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char catalogName[128]; // catalog name (e.g., "BOINC-Setup") data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/translate.cpp:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char searchPath[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/translate.cpp:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[32]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/translate.cpp:186:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(searchPath, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/translate.cpp:322:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:32:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ether_ntoa_buffer[18]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:37:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ether_ntoa_buffer+i*3,"%02x:",addr->ether_addr_octet[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:39:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ether_ntoa_buffer+15,"%02x",addr->ether_addr_octet[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.h:68:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ether_addr_octet[6]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:93:21: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). purl.port = atol(p+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:233:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char passwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.h:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.h:34:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[24]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:305:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((file = fopen(file_name,"r")) != NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:363:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *f = fopen(path, "rb"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:365:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f = FCGI::fopen(path, "rb"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_msg[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:561:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_PATH] = ""; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:574:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/win_util.cpp:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szPath[MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/win_util.cpp:123:21: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). int length_wide = MultiByteToWideChar(CP_ACP, 0, str.data(), -1, NULL, 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/win_util.cpp:125:3: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). MultiByteToWideChar(CP_ACP, 0, str.data(), -1, string_wide, length_wide); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/wslinfo.cpp:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dn[256], n[256], v[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:55:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char authenticator[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:57:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char response_prefix[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char batch_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_version_num[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char boinc_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:99:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char batch_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5[64], ext[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:269:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int njobs = atoi(strtok_r(NULL, " ", &p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:273:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
int nargs = atoi(strtok_r(NULL, " ", &p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:278:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int ninfiles = atoi(strtok_r(NULL, " ", &p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:316:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:322:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error\\ getting\\ templates:\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:333:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error\\ creating\\ batch:\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:340:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error\\ processing\\ input\\ files:\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:349:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). req.job_params, atoi(req.app_version_num) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:352:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error\\ submitting\\ jobs:\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:362:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int n = atoi(strtok_r(NULL, " ", &p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:372:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:379:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error\\ querying\\ batch:\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:383:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, " %f", reply.server_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:388:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " %d", n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:429:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int nfiles = atoi(strtok_r(NULL, " ", &p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:458:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:472:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error\\ getting\\ templates:\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:484:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf, "query_completed_job()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:488:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " %d %f %f", cjd.exit_status, cjd.elapsed_time, cjd.cpu_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:499:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path, "a"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:517:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "get_output_file()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:535:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "get_output_file()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:546:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "too\\ many\\ output\\ files\\ specified\\ submit:%u\\ template:%lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:559:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf, "get_output_file()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:571:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_path[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:606:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "abort_jobs()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:625:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:627:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "retire_batch()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:647:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:649:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "set_lease()\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:659:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:662:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "ping_server\\ returned\\ %d\\ ", retval); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:748:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:866:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("config.txt", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/cygwin_fstab/fstab.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/cygwin_fstab/fstab.c:78:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(path, "\\040"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/cygwin_fstab/fstab.c:86:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* fp = fopen("etc\\fstab", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/cygwin_fstab/fstab.c:89:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* fp = fopen("etc/fstab", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/slide_show.cpp:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/slide_show.cpp:78:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_dir_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/slide_show.cpp:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2.cpp:103:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("temp", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2.cpp:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char input_path[512], output_path[512], chkpt_path[512], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2.cpp:213:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = out.open(output_path, "ab"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2.cpp:215:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = out.open(output_path, "wb"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:105:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%% Done: %f", 100*fd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:107:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "CPU time: %f", cpu); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cs[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/ucn.cpp:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_path[1024], output_path[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/ucn.cpp:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/ucn.cpp:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browserlog.cpp:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:64:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH-1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szWindowTitle[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szWindowInfo[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szDebuggingInfo[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browserwnd_win.cpp:69:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
TCHAR szExecutable[MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:317:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[NS_CTL_MSG_MESSAGE_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:350:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(io->buf + io->len, buf, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:354:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(io->buf + io->len, buf, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:456:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem[NS_VPRINTF_BUFFER_SIZE], *buf = mem; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:482:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *buf, src[60], dst[60]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:485:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(path, "a")) != NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:600:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ina, he->h_addr_list[0], sizeof(*ina)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:618:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[200]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:620:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:737:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cert[100], ca_cert[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:845:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii[17] = ""; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:875:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NS_READ_BUFFER_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:982:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NS_UDP_RECEIVE_BUFFER_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cert[100], ca_cert[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1180:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctl_msg.message, data, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1252:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
#define fopen(x, y) mg_fopen((x), (y)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1253:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define open(x, y, z) mg_open((x), (y), (z)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1436:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *config_options[NUM_OPTIONS]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1568:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_PATH_SIZE * 2], buf2[MAX_PATH_SIZE * 2], *p; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1580:3: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). MultiByteToWideChar(CP_UTF8, 0, buf, -1, wbuf, (int) wbuf_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1589:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
wchar_t wpath[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1596:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t wpath[MAX_PATH_SIZE], wmode[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1603:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t wpath[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1811:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headers[200], body[200]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1826:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((match_code = atoi(a.ptr)) > 0 && match_code == code) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1858:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chunk_size[50]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1901:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[IOBUF_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1921:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[IOBUF_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1949:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t buf[MAX_PATH_SIZE], buf2[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1961:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t wcmd[MAX_PATH_SIZE], full_dir[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1962:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_PATH_SIZE], buf4[MAX_PATH_SIZE], buf5[MAX_PATH_SIZE], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1980:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (interp == NULL && (fp = fopen(cmd, "r")) != NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2025:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[500]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2067:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CGI_ENVIRONMENT_SIZE]; // Environment buffer data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2068:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *vars[MAX_CGI_ENVIR_VARS]; // char *envp[] data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2213:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dir[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_REQUEST_SIZE], *s = buf; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2282:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, io->buf + s_len, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2290:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(io->buf + 9, status, 3); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2291:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). conn->mg_conn.status_code = atoi(status); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2432:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ri->status_code = atoi(ri->uri); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2684:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem[IOBUF_SIZE], *buf = mem; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2716:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. union char64long16 { unsigned char c[64]; uint32_t l[16]; }; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2748:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buffer[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2751:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void SHA1Transform(uint32_t state[5], const unsigned char buffer[64]) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2755:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(block, buffer, 64); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2812:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&context->buffer[j], data, (i = 64-j)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2820:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&context->buffer[j], &data[i], len - i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2823:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void SHA1Final(unsigned char digest[20], SHA1_CTX *context) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2825:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char finalcount[8], c; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2875:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[500], sha[20], b64_sha[sizeof(sha) * 2]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2941:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char mem[4192], *copy = mem; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2955:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy + 2, data, data_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2961:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy + 4, data, data_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2968:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy+2,&hi,sizeof(hi)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2969:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy+6,&lo,sizeof(lo)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2970:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy + 10, data, data_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2992:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem[4192], *buf = mem; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3088:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char month_str[32]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3149:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char etag[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3216:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[64], lm[64], etag[64], range[64], headers[1000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3299:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3311:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t wpath[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3323:14: [2] (buffer) wcscat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Risk is low because the source is a constant string. 
(void) wcscat(wpath, L"\\*"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3379:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3448:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char size[64], mod[64], href[MAX_PATH_SIZE * 3]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3538:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtime[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3592:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_PATH_SIZE * 3]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3624:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3666:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3673:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, path, p - path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3698:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(path, O_RDWR | O_CREAT | O_TRUNC | O_BINARY, 0644)) < 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3756:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3762:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(gpass, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3765:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(name, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3771:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(name, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3798:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char in[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3932:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3935:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buf, t); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3943:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(ctx->in, buf, 64); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3950:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->in, buf, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3953:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void MD5Final(unsigned char digest[16], MD5_CTX *ctx) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3979:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(digest, ctx->buf, 16); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3999:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *mg_md5(char buf[33], ...) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3999:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *mg_md5(char buf[33], ...) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4000:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hash[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4022:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ha2[32 + 1], expected_response[32 + 1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4043:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256], f_user[256], ha1[256], f_domain[256], user[100], nonce[100], data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4092:41: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). } else if (auth_file != NULL && (fp = fopen(auth_file, "r")) != NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4149:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[IOBUF_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4158:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[IOBUF_SIZE], path[MAX_PATH_SIZE], *p; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4186:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(path, "rb")) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4203:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[IOBUF_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4219:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[IOBUF_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4284:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(path, "rb")) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4387:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proto[10], host[500], cert[500], addr[1000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4412:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4459:35: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). } else if ((conn->endpoint.fd = open(path, O_RDONLY | O_BINARY, 0)) != -1) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4477:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4586:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(conn->request, io->buf, conn->request_len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4735:39: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = (path == NULL) ? 
NULL : fopen(path, "a+"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4736:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[64], user[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4821:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[IOBUF_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4983:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, c, sizeof(*tmp)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:5047:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:5076:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:5259:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8 * 1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.h:37:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remote_ip[48]; // Max IPv6 string length is 45 characters

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.h:38:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char local_ip[48]; // Local IP address

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.h:129:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *mg_md5(char buf[33], ...);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.h:129:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *mg_md5(char buf[33], ...);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webapi.cpp:68:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webapi.cpp:88:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webserver.cpp:57:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char webserver_listening[64];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webserver.cpp:58:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char webserver_documentroot[64];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webserver.cpp:59:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char webserver_domain[64];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/image_libs/bmplib.cpp:74:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *bmp_file = fopen(file_name, "rb");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/image_libs/tgalib.cpp:31:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((pFile = fopen(filename, "rb")) == NULL)

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/multi_thread/multi_thread.cpp:71:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/multi_thread/multi_thread.cpp:140:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/multi_thread/multi_thread.cpp:158:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/multi_thread/multi_thread.cpp:167:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nthreads = atoi(argv[++i]);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:60:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_path[512], output_path[512], chkpt_path[512], buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:124:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = out.open(output_path, "wb");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:268:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("temp", "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:299:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  infile=fopen(INPUT_FILENAME,"w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:49:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_path[512], output_path[512], chkpt_path[512], buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:109:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = out.open(output_path, "wb");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:280:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("temp", "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:305:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  infile=fopen(INPUT_FILENAME,"w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:427:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *infile=fopen(fileName,"r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:430:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  infile = fopen(KERNELS_FILEPATH,"r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:989:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&AI_d[lda*i*2], &input[n*i], sizeof(cl_float)*n);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:1041:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&output[n*i], &AI_d[lda*i*2+n], sizeof(cl_float)*n);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/floppyio.cpp:101:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fIO->open(filename, fOpenFlags);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/floppyio.cpp:112:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fIO->open(filename, fOpenFlags);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:70:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolved_buffer[2048];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:71:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:97:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(resolved_buffer, "w");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:115:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:116:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:117:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dest_buffer[2048];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:118:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolved_buffer[2048];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:187:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arg_buffer[4096];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:189:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cl_file_buffer[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:213:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  cl_file = fopen(cl_file_buffer, "w+");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:231:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:232:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:233:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char src_buffer[2048];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:234:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolved_buffer[2048];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:290:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[8192];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:298:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  input_file.open(log_files[i], ios::in | ios::binary);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:321:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  output_file.open("stderr.txt", ios::out | ios::app);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:413:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[8192];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:451:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:453:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  input_file.open("shared/gbac_exit_status", ios::in | ios::binary);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:483:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:484:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[MSG_CHANNEL_SIZE];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:549:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_buf[MSG_CHANNEL_SIZE];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:582:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(GBAC_VAUNZIP_STATUS, ios::out | ios::trunc);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/gbac.cpp:600:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:511:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char screenshot_md5[33];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:537:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(screenshot_location.c_str(), "rb");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:662:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char slot_dir[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:883:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:972:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1004:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1394:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1436:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(REPLAYLOG_FILENAME, "a");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1444:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:1461:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(TRACELOG_FILENAME, "a");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:295:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:401:38: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rc = pMachine->put_CPUCount((int)atoi(vm_cpu_count.c_str()));

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:819:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", rd_host_port);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:1825:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(screenshot_location.c_str(), "wb");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:1851:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:1865:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", (int)elapsed_time);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2208:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2533:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2620:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2625:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:179:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:226:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", (int)memory_size_mb);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:619:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", rd_host_port);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1350:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1362:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", (int)elapsed_time);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1690:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1909:30: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  vm_pid = atol(pid.c_str());

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1984:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1990:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", percentage);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:2004:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:2027:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", kilobytes);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:2040:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", kilobytes);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxjob.cpp:141:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxlogging.cpp:37:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:111:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:118:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:124:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:130:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:131:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:135:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:161:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:162:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:168:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:171:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  exit_code = atoi(buf);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:174:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  is_notice = atoi(buf) != 0;

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:184:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:185:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:191:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "r");

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:194:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  temp_delay = atoi(buf);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:197:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  is_notice = atoi(buf) != 0;

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:251:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:269:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", aid.userid);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:272:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%d", aid.hostid);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:275:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%.17g", aid.user_total_credit);

data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:278:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17g", aid.host_total_credit); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:290:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "http://localhost:%d", vm.pf_host_port); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:301:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "localhost:%d", vm.rd_host_port); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:374:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:555:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). vm_image = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:694:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen("shared/cmdline", "wb"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:750:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%d", (int)ceil(ncpus)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:752:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%d", (int)ceil(aid.ncpus)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:1149:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:1162:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:1241:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vboxwrapper.cpp:1294:36: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* output = fopen("output", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/worker/worker.cpp:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/worker/worker.cpp:62:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nsec = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/worker/worker.cpp:68:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). in = fopen("in", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/worker/worker.cpp:73:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out = fopen("out", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regerror.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char convbuf[ERROR_BUFFER_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:186:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(fraction_done_filename.c_str(), "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:194:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:250:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[64000]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:285:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nt[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:286:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nt, "%d", nthreads); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:296:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(nt, "%d", gpu_device_num); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:322:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:329:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("initial_file_list_temp", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:342:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:343:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE* f = fopen("initial_file_list", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:384:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:491:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:538:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:678:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_path[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:711:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbuf[16384]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:712:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:826:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_msg[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:842:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char arglist[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:933:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1069:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1076:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1090:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(CHECKPOINT_FILENAME, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1110:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(CHECKPOINT_FILENAME, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1178:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nthreads = atoi(argv[++j]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:1180:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gpu_device_num = atoi(argv[++j]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/fermi.cpp:10:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fo = fopen("fermi_out.dat", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:111:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(fraction_done_filename.c_str(), "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_path[1024], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:250:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_msg[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char progname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:263:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arglist[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:439:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture_example.cpp:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture_example.cpp:97:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%g %g", T, Ef); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:52:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). userid = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:73:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:104:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where user_id=%d", userid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:131:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char set_clause[256], where_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:132:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(set_clause, "logical_start_time=%f", x); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/adjust_user_priority.cpp:133:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(where_clause, "user_id=%lu", us.user_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:118:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:266:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[270]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:299:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:305:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). antique_usleep = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:329:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:84:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mod_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:90:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_clause, " and workunit.id %% %d = %d ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:125:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf, "where workunitid=%ld", wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:156:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "error_mask=%d", wu.error_mask); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:174:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:228:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). one_pass_N_WU = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:235:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sleep_interval = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:243:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:264:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id_modulus = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:269:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id_remainder = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:302:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open(config.db_name, config.db_host, config.db_user, config.db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/census.cpp:75:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:84:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:112:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clause1[1024], clause2[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:132:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause1, "where userid=%lu and appid=%lu", result.userid, result.appid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:148:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause1, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:152:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:161:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(clause1, "where teamid=%lu and appid=%lu", result.teamid, result.appid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:177:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause1, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:181:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:256:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "pfc_scale=%.15e", av.pfc_scale); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:276:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "min_avg_pfc=%.15e", avg); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:393:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:394:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where host_id=%lu and app_version_id=%ld", hostid, gen_avid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:420:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where host_id=%lu", hostid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:443:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[256], where_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:444:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, "app_version_id=%ld", gen_avid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:445:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(where_clause, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:1077:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char query[512], clause[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:1078:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit.cpp:1101:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit_test.cpp:352:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("credit_test_unsorted", "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit_test.cpp:360:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/credit_test.cpp:375:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* in = fopen("credit_test_data", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char final_output_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char archive_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:223:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). virtual bool open(const char* filename) = 0; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:241:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(const char* filename) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:242:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(filename, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:260:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char current_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:267:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(const char* filename) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:268:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!f.open(filename)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:279:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:308:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(const char* filename) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:309:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:356:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const char* filename) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:359:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!stream->open(filename)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:372:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:374:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:446:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char p_vendor[2048], p_model[2048], os_name[2048], os_version[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char boinc[256], vbox[256], coprocs[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:571:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:572:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cpid[MD5_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:574:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[2048], url[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:625:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where userid=%d", user.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:646:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:649:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). zf.open(path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:667:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:670:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). zf.open(path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:688:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:689:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:690:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[2048], name_html[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:692:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char description[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:718:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[2048]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:758:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where teamid=%lu", team.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:782:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:786:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where appid=%d and server_state=%d", app.id, RESULT_SERVER_STATE_UNSENT); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:792:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where appid=%d and server_state=%d", app.id, RESULT_SERVER_STATE_IN_PROGRESS); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:798:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where appid=%d and server_state=%d", app.id, RESULT_SERVER_STATE_OVER); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:841:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:845:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). zf.open(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:875:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clause[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:876:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lookupclause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:877:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userclause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:878:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostclause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:879:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamclause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char joinclause[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:881:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orderclause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:882:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:896:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out.zfile->open(path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:952:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(joinclause, "INNER JOIN (\ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1040:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(joinclause, "INNER JOIN (\ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char spec_filename[256], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1191:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). retry_period = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1200:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1231:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(spec_filename, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1268:31: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). while ((retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1329:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char base[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1332:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(base, "/stats"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:238:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *suffix[4] = {"", ".gz", ".zip", ".gz"}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:248:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[MAXPATHLEN+512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:272:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(command, "/bin/false"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:276:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirname[32]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:281:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:314:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(f = fopen(path,"w"))) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:315:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:353:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:374:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirname[32]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:461:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stderr_out_escaped[BLOB_SIZE*6]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BLOB_SIZE*7]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:498:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stderr_out_escaped[BLOB_SIZE*6]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:533:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[BLOB_SIZE*2]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:568:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:572:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where workunitid=%lu", wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:623:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:631:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "state=%d", BATCH_STATE_RETIRED); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:636:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where file_delete_state=%d", FILE_DELETE_DONE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:639:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:646:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, " and id %% %d = %d", id_modulus, id_remainder); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:650:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, " and appid=%lu", app.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:653:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, " limit %d", DB_QUERY_LIMIT); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:714:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, "workunitid=%lu", wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:771:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:784:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:800:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_number_workunits_to_purge= atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:815:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_wu_per_file = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:826:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sleep_sec = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:849:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id_modulus = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:850:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
id_remainder = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:880:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/delete_file.cpp:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/delete_file.cpp:74:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). host_id = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/delete_file.cpp:106:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/edf_sim.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:143:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mod_select_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:177:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(config.project_path(REREAD_DB_FILENAME), "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char select_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:308:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:311:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "server_state=%d, outcome=%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:443:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:444:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:532:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:533:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "/proc/%d", pid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:731:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN], order_buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:740:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:762:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(order_buf, "and 0=1 union (SELECT r1.id, r1.priority, r1.server_state, r1.report_deadline, workunit.* FROM workunit JOIN (" data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:770:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). purge_stale_time = atoi(argv[++i])*60; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:777:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mod_select_clause, " and workunit.appid in ("); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:786:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int n = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:787:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int j = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:788:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(mod_select_clause, "and r1.id %% %d = %d ", n, j); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:796:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int n = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:797:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int j = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:798:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mod_select_clause, "and workunit.id %% %d = %d ", n, j); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:806:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sleep_interval = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:862:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_gz[MAXPATHLEN], path_md5[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:326:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:327:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:334:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause, " and id %% %d = %d ", id_modulus, id_remainder); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:337:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(clause, " and batch <= 0 "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:340:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " and appid = %lu ", appid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:374:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "file_delete_state=%d", new_state); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:394:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(clause, " and xml_doc like '"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:428:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "file_delete_state=%d", new_state); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:493:21: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). appid = atol(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:500:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:509:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id_modulus = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:510:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id_remainder = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:551:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
sleep_interval = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:591:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open(config.db_name, config.db_host, config.db_user, config.db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:607:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:62:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char this_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[10240]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:115:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
int fd = open(path, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:131:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[BLOCK_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:143:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[BLOCK_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:170:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], path[MAXPATHLEN], signed_xml[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[256], stemp[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:313:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xml_signature[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:389:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:475:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN], buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:499:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDONLY); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:550:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "<file_size>%d</file_size>", (int)sbuf.st_size); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:558:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:603:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:606:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(buf, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:608:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f = FCGI::fopen(buf, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:622:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char buffer[512]="";
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:645:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char log_name[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:646:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char log_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:667:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE *f = FCGI::fopen(log_path, "a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:77:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  host_id = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:113:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:130:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keypath[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dn[512], ip[512], os[512], pm[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pid_string[16];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:143:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:158:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  count = sprintf(pid_string, "%d\n", getpid());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:210:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where hostid=%lu and server_state=%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:215:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:227:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2, "transition_time=%d", (int)time(0));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:289:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where id=%lu", host.userid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:366:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int userid = atoi(g_request->authenticator);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:535:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024], buf2[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:536:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "[BOINC|%d.%d.%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:608:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:667:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:728:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:752:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BLOB_SIZE+256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:971:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:975:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1009:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1035:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1115:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where hostid = %lu and handled = %d", g_reply->host.id, 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1424:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1501:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:38:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(HR_INFO_FILENAME, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:40:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE* f = FCGI::fopen(HR_INFO_FILENAME, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:56:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(HR_INFO_FILENAME, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/hr_info.cpp:58:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE* f = FCGI::fopen(HR_INFO_FILENAME, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BLOB_SIZE], temp[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[256], buf[BLOB_SIZE], new_file_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char new_buf[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:130:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(wu.name, "wu_%d_%d", start_time, wu_seqno++);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:160:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:162:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where workunitid=%lu", wu_id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keypath[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:194:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(config.db_name, config.db_host, config.db_user, config.db_passwd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:307:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cushion = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:314:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dl = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:330:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_wus = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char app_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:74:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where handled=0");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:101:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(config.db_name, config.db_host, config.db_user, config.db_passwd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/message_handler.cpp:158:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dl = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:126:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:128:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE *f = FCGI::fopen(path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:241:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192], buf2[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:502:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[256], value[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:503:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[65536];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:531:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:532:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[65536];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:954:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:955:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " --memory_size_mb %.0f", hu.mem_usage/MEGA);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:963:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:964:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " --nthreads %d", (int)hu.avg_ncpus);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1014:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1252:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sreq.host.p_features, "pni");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gpu_type[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.h:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char project_prefs_tag[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.h:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gpu_utilization_tag[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[256], url[1024], path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:73:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  host_id = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:103:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:42:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:44:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(config.project_path(path), "a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_assimilator.cpp:103:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(copy_path, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_bitwise_validator.cpp:80:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5_buf[MD5_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256], path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:88:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(path, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:198:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:207:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dl = atoi(argv[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_work_generator.cpp:237:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:72:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where workunitid=%lu", wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[256], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:148:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(suffix, "%d_%d_%d", getpid(), (int)time(0), seqno++); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:194:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "where hostid=%lu and workunitid=%lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:205:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where workunitid=%lu and hostid=%lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:216:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where workunitid=%lu and hostid=%lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char query[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:244:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, "where target_type=%d and target_id=%lu and multi=0", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:249:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(query, "where target_type=%d and target_id=%lu and multi=0", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:254:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(query, "where target_type=%d and target_id=%lu and multi=0", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:301:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_assign.cpp:302:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, "transition_time=%d", new_tt); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:66:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:115:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:392:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:398:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_check.cpp:422:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:93:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(httpd_user, "apache"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:112:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:114:45: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. if (!strcmp(hostname, db_host)) strcpy(db_host, "localhost"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN], path_aux[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:374:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:376:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f = FCGI::fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:384:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f_aux = fopen(path_aux, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:386:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FCGI_FILE *f_aux = FCGI::fopen(path_aux, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:403:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:420:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:434:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(project_dir, ".."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char long_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char db_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char db_user[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char db_passwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char db_host[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replica_db_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replica_db_user[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replica_db_passwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replica_db_host[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char project_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char download_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char download_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char upload_url[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char upload_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char httpd_user[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char debug_req_reply_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replace_download_url_by_timezone[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:174:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sched_lockfile_dir[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.h:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symstore[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:166:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hu.cmdline, "--nthreads %d", nthreads); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:206:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modelnum[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:216:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i=atoi(modelnum); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:721:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int ver=atoi(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:904:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hu.cmdline, "--nthreads %f", ncpus); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:925:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char os_name[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char p_vendor[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_model[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], buf2[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp:68:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("host_descs.txt", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_driver.cpp:166:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nrequests = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:43:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("../file_delete_regex", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:45:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE* f = FCGI::fopen("../file_delete_regex", "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_limit.h:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:84:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:95:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:100:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:107:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, "Review preferences for maximum disk space used."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:109:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, "Review preferences for maximum disk percentage used."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:111:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, "Review preferences for minimum disk free space allowed."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:183:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wu_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[256], path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:309:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char help_msg_buf[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:328:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where userid=%lu and workunitid=%lu", g_reply->user.id, wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:567:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], query[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:595:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pattern[256], escaped_pattern[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:806:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256], min_resultname[256], query[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:888:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char start_filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:921:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1009:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], filename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1321:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpfilename[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:118:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpfilename, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:125:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen(tmpfilename, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:127:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=FCGI::fopen(tmpfilename,"w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:144:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpfilename, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:148:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
    fp=fopen(tmpfilename, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:150:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fp=FCGI::fopen(tmpfilename,"w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:199:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:249:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    length=atoi(cl);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:266:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char short_string[256], *short_message=short_string;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:268:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    short_message += sprintf(short_message,"Default resource limit for core dump size curr=");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:270:30: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    short_message += sprintf(short_message,"Inf max=");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:272:30: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    short_message += sprintf(short_message,"%d max=", (int)limit.rlim_cur);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:276:30: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    short_message += sprintf(short_message,"Inf\n");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:278:30: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    short_message += sprintf(short_message,"%d\n", (int)limit.rlim_max);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:365:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* f = fopen("req", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:385:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char req_path[MAXPATHLEN], reply_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:386:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char log_path[MAXPATHLEN], path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:439:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:447:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FCGI_FILE* f = FCGI::fopen(path, "a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:451:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:571:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(log_path, "a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:573:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = FCGI::fopen(log_path,"a");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:589:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(req_path, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:591:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = FCGI::fopen(req_path,"w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:610:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen(req_path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:612:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = FCGI::fopen(req_path,"r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:621:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(reply_path, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:623:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = FCGI::fopen(reply_path, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:636:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen(reply_path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:638:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = FCGI::fopen(reply_path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_nci.cpp:118:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char warning_msg[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_resend.cpp:117:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, " where hostid=%lu and server_state=%d ",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:515:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char temp[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:544:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:561:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf2[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:642:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:655:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:656:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "<report_deadline>%d</report_deadline>\n", result.report_deadline);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:674:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256], buf2[256], where_clause[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:681:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:687:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
    sprintf(buf2, ", app_version_id=%lu", bav.avp->id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:689:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(where_clause,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:695:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf2, ", hr_class=%d", host_hr_class);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:698:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(where_clause, " and ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:700:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf2, "(hr_class=0 or hr_class=%d)", host_hr_class);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:841:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:980:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf1[64],buf2[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1043:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1044:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1051:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "transition_time=%ld", time(0));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1068:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1069:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1169:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1174:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(buf, " or ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1179:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char msg[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1243:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char explanation[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1303:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
    sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1308:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1348:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "This computer has finished a daily quota of %d tasks",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1361:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "This computer has reached a limit on tasks in progress");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1510:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:149:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:152:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* f = fopen(path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:154:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FCGI_FILE* f = FCGI::fopen(path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:163:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:194:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char query[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_shmem.cpp:195:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[124];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char longname[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:115:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE *fp=fopen(download_servers, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:117:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FCGI_FILE *fp=FCGI::fopen(download_servers, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:225:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[8096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:363:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:406:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:526:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ir.name, "ip%d", i++);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:714:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:758:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:829:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char prio[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:834:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
Risk is low because the source is a constant string.
    strcpy(prio, "high");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:902:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char external_cpid[MD5_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1155:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[APP_VERSION_XML_BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf2[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1542:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char userid[256], teamid[256], hostid[256], weak_auth[256], rss_auth[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1547:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(userid, "%lu", user.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1548:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(hostid, "%lu", host.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1550:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(teamid, "%lu", team.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf2[1024], out[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1590:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf2[256], out[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1598:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char clause[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1600:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(clause, "where host_id=%lu", g_reply->host.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char cmdline[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char custom_coproc_type[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:135:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char variety[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char app_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char platform[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plan_class[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:201:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wu_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char platform_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:244:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plan_class[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char authenticator[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cross_project_id[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:297:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char global_prefs_xml[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:298:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char working_global_prefs_xml[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char code_sign_key[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char client_brand[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char global_prefs_source_email_hash[MD5_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:533:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char email_hash[MD5_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char code_sign_key[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:547:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char code_sign_key_signature[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[1024], buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:67:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query, "where server_state<=%d", RESULT_SERVER_STATE_UNSENT);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:69:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
  sprintf(buf, " and appid=%lu", appid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:73:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " and size_class=%d", size_class);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:94:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where workunitid=%lu and server_state=%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:98:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:99:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2, "server_state=%d, outcome=%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util.cpp:108:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "transitioner_flags=%d", TRANSITION_NO_NEW_RESULTS);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:52:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fpid = fopen(filename, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:54:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE* fpid = FCGI::fopen(filename,"w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirpath[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:124:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(path, mode);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:126:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = FCGI::fopen(path, mode);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:169:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(dir, "%x", x % fanout);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[256], dirpath[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:262:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "--");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char currenttime[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:301:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsim = fopen(config.project_path("simulator/sim_time.txt"),"r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char daemonfilelok[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:318:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char daemonfile[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:319:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  sprintf(daemonfile, strcat((char*)config.project_path("simulator/"),"sim_%s.txt"),daemonname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:320:28: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  sprintf(daemonfilelok, strcat((char*)config.project_path("simulator/"),"sim_%s.lok"),daemonname);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:321:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fsimlok = fopen(daemonfilelok, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:324:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fsim = fopen(daemonfile, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:455:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "none");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:461:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "[AV#%lu]", bav.avp->id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:585:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[4096], buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:109:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %lu", wu.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:112:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %f", canonical_result.elapsed_time);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:131:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %f", result.elapsed_time);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:134:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %lu", result.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:152:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[4096];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:182:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %f", r1.elapsed_time);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:185:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %lu", r1.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:188:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %f", r2.elapsed_time);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:191:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " %lu", r2.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024], filename[MAXPATHLEN], job_dir[MAXPATHLEN], job_dir_file[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:69:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(filename, "sj_%lu", wu.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:73:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(job_dir_file, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:104:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:120:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char copy_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:77:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  lo = atoi(argv[++i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:79:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hi = atoi(argv[++i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:81:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  log_messages.set_debug_level(atoi(argv[++i]));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:83:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  log_messages.set_debug_level(atoi(argv[++i]));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:85:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sleep_time = atoi(argv[++i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/size_regulator.cpp:114:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:102:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:143:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/target_batch.cpp:193:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd_buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp:68:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(filename, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/time_stats_log.cpp:70:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE *f = FCGI::fopen(filename, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:79:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (p) return atoi(p+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[512], clause[512];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:126:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:135:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clause,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suffix[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:450:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value_buf[MAX_QUERY_LEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:461:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(suffix, "%d", max_result_suffix+j+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:738:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(config.db_name, config.db_host, config.db_user, config.db_passwd);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:784:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:796:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:805:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mod_n = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:806:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mod_i = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:814:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sleep_interval = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/transitioner.cpp:822:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:73:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char task_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char variety[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:154:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_handler.cpp:176:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:65:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where expavg_credit>0.1 and expavg_time < %f", max_update_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:77:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( buf, "expavg_credit=%f, expavg_time=%f", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:97:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where expavg_credit>0.1 and expavg_time < %f", max_update_time); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:109:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:131:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where teamid=%lu", team.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:153:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:181:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:240:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/update_stats.cpp:273:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
retval = boinc_db.open(config.db_name, config.db_host, config.db_user, config.db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char open_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024], phys_name[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:95:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char app_name[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:189:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:197:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where host_id=%ld and app_version_id=%ld", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:812:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:832:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nameforsim[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:833:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(nameforsim, "validator%i", app.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:902:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). one_pass_N_WU = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:905:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sleep_interval = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:913:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug_level = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:917:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id_modulus = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:918:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
wu_id_remainder = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:920:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id_min = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:922:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id_max = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:936:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wu_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validator.cpp:962:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:77:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:88:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:145:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:155:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause, "where server_state=%d", RESULT_SERVER_STATE_UNSENT); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/wu_check.cpp:164:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clause, "where server_state=%d", RESULT_SERVER_STATE_IN_PROGRESS); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:55:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:82:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:97:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:125:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "one two three"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:133:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "four \'five\' \"six\""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:141:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "seven \'eig ht\' \"ni ne\""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:149:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "tän \'elèv én\' \"tŵelv e\""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:158:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "13\" \'\"4teen\'\" "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:175:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[128] = " char space "; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128] = "\"\' char\' \"space\'\" "; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:205:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128] = " char spaces "; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:212:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128] = "a\\\\b\\$c\\\'d\\\"e\\`f\\\?g\\\th\\\bi\\12j"; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:258:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:272:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:287:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256] = "_(\"The quick brown fox jumps over the lazy dog\")"; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:290:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "The _(\"quick brown\") fox jumps over the _(\"lazy\") dog"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:293:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "The _\"quick brown\" ) fox jumps over the (_\"lazy\") dog"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:301:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "no\nlf ending"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:304:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(buf, "lf\n ending\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:310:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256] = "[BOINC|1.2.3]", buf1[256], buf2[256], buf3[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:317:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[BOINC|1.2.3][vbox|4.5.6abc]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:322:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[BOINC|1.2.3][INTEL|Intel(R) HD Graphics|1|2406MB||201]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:327:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[vbox|4.5.6abc][INTEL|Intel(R) HD Graphics|1|2406MB||201][BOINC|1.2.3]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:332:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(buf, "[BOINC|1.2.3][INTEL|Intel(R) HD Graphics|1|2406MB||201][vbox|4.5.6abc]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:337:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[BOINC|1.2.3][vbox|4.5.6abc][INTEL|Intel(R) HD Graphics|1|2406MB||201]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:342:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[BOINC|7.6.22][CAL|ATI Radeon HD 5800/5900 series (Cypress/Hemlock)|2|1024MB|1.4.1848|102][vbox|5.1.26]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:347:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[BOINC|7.6.22[CAL|ATI Radeon HD 5800/5900 series (Cypress/Hemlock)|2|1024MB|1.4.1848|102][vbox|5.1.26]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:352:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(buf, "[BOINC|7.6.22][CAL|ATI Radeon HD 5800/5900 series [Cypress/Hemlock]|2|1024MB|1.4.1848|102][vbox|5.1.26]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:357:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "[BOINC|7.6.22][CAL|ATI Radeon HD 5800/5900 series (Cypress/Hemlock)|2|1024MB|1.4.1848|102][extra|7.8.9][vbox|5.1.26]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:127:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:128:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:173:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:197:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:198:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:74:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:76:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *f=FCGI::fopen(path, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_outfile_name[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char result_template[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wu_template[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:463:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mth.variety, "file_xfer"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:484:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:540:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mth.variety, "file_xfer"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:564:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mth.variety, "delete_file"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:578:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char set_clause[256], where_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:581:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(set_clause, "server_state=%d, outcome=%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:584:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(where_clause, "server_state<=%d and workunitid >=%d and workunitid<= %d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:590:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(set_clause, "error_mask=error_mask|%d, transition_time=%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:593:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(where_clause, "id>=%d and id<=%d", min_id, max_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:603:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char set_clause[256], where_clause[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:608:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(set_clause, "server_state=%d, outcome=%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:611:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(where_clause, "server_state<=%d and workunitid=%lu", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:619:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(set_clause, "error_mask=error_mask|%d, transition_time=%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:648:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:652:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "where expavg_time > %f", dtime() - 30*86400); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.h:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5[64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[1024]; // make this a vector to support multiple URLs data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.h:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; // physical name data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/cancel_jobs.cpp:40:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/cancel_jobs.cpp:49:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/cancel_jobs.cpp:58:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int min_id = atoi(argv[1]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/cancel_jobs.cpp:59:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int max_id = atoi(argv[2]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wu_template[BLOB_SIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char wu_template_file[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_template_file[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result_template_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:188:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:193:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:196:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
wu.priority = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:239:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char download_dir[256], db_name[256], db_passwd[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char db_user[256],db_host[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:255:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int dl = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:268:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
jd.wu.batch = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:270:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.priority = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:280:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.size_class = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:282:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.app_version_num = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:286:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.delay_bound = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:288:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.hr_class = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:290:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.min_quorum = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:292:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.target_nresults = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:294:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.max_error_results = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:296:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
jd.wu.max_total_results = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:298:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.max_success_results = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:300:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.opaque = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:304:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.wu.id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:313:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:319:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:324:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:329:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:334:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jd.assign_id = atoi(argv[++i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:392:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open(db_name, db_host, db_user, db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:425:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(jd.result_template_path, "./"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/dir_hier_move.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst_path[MAXPATHLEN], src_path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/dir_hier_move.cpp:51:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fanout = atoi(argv[3]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/dir_hier_path.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAXPATHLEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/hr_db_convert.cpp:36:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( boinc_db.open("predictor", "boinc", NULL, NULL) ) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/hr_db_convert.cpp:42:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/hr_db_convert.cpp:48:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where workunitid=%d", workunit.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/hr_db_convert.cpp:51:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "where id=%d", result.hostid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/kill_wu.cpp:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/kill_wu.cpp:74:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open(config.db_name, config.db_host,config.db_user, config.db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/kill_wu.cpp:87:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"update workunit set error_mask=error_mask|16 where id='%d'",wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/kill_wu.cpp:93:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf,"update result set server_state=5,outcome=5 where server_state=2 and workunitid='%d'",wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/poll_wu.cpp:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/poll_wu.cpp:88:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). retval = boinc_db.open(config.db_name, config.db_host,config.db_user, config.db_passwd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/poll_wu.cpp:110:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"select * from result where workunitid='%d'",wu.id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5name[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:74:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *fp=fopen(md5name, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:76:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *fp=FCGI::fopen(md5name, "r"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char md5name[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:125:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp=fopen(md5name, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:127:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FCGI_FILE *fp=FCGI::fopen(md5name, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char physical_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BLOB_SIZE], path[MAXPATHLEN], top_download_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gzip_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5[33], url[256], gzipped_url[256], buf2[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:287:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2, " <gzipped_nbytes>%.0f</gzipped_nbytes>\n",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], open_name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:606:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(id.name, "input");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:611:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(id.name, "input");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:613:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(id.url, "http://blah.foo");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:614:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(id.md5, "sfslkjsdlfkj");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signature_hex[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signature_xml[BLOB_SIZE];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signed_xml[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:58:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, q1, len);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:60:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[BLOB_SIZE], buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/remote_submit_test.cpp:26:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char authenticator[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/remote_submit_test.cpp:63:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("test_auth", "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/sign_executable.cpp:27:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char signature_buf[SIGNATURE_SIZE_BINARY];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/sign_executable.cpp:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signature_text[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:65:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prev_dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char old_path[MAXPATHLEN], new_path[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filepath[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/updater.cpp:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cur_dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chunk_dirs[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chunk_dirs[256], buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5_path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:116:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(md5_path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:118:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FCGI_FILE* f = FCGI::fopen(md5_path, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAXPATHLEN], buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chunk_name[1024], file_name[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char client_md5[64], server_md5[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chunk_dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:199:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dst_path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:244:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[256], chunk_name[256], buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:340:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xml_buf[8192], chunk_name[256], file_name[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:408:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[1024], buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:462:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5[64], chunk_dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:529:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:530:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where host_id=%lu", g_reply->host.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/ssim.cpp:293:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("summary.txt", "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/ssim.cpp:647:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen("mft.dat", "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.cpp:28:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.cpp:49:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/stats.h:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[MAXPATHLEN], filename[256], buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:153:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:161:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "vda_file_id=%lu", vf.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:239:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp:50:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp:57:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%4d days %02d:%02d:%02d", (int)t, nhour, nmin, nsec);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp:80:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "%.64s.%d", parent->name, index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp:82:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "%d", index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.cpp:504:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:47:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int n = atoi(p + strlen("BOINC|"));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char enum_query[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:83:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int i = atoi(p);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[2048], buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:118:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "%.64s.%d", parent->name, index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:120:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "%d", index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char child_dir[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:156:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_path[2048], md5_file_path[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:159:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5[64];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:161:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(md5_file_path, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:177:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char child_dir[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:205:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:231:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char enc_filename[1024], target_path[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:232:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir_name[1024], link_name[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[1024], enc_filename[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:306:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linkpath[1024], filepath[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:368:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "%.64s.%d", parent->name, index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:370:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "%d", index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:372:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(dir, "%.256s/%d", mc->dir, index);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:373:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char set_clause[256], where_clause[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:423:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(set_clause,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:478:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPATHLEN], buf2[MAXPATHLEN];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:491:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(buf, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:515:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2048];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:518:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(buf, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:535:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where vda_file_id=%lu", id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:591:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(enum_query,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:657:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where vda_file_id=%lu and host_id=%lu", id, enum_host.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:29:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(filename, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:57:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "(%d %d %d) ", c.n, c.k, c.n_upload);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:62:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "X%d", replication);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.h:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char description[256]; // derived from the above
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:77:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "initialized=1, chunk_size=%.0f", vf.policy.chunk_size());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:195:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:200:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "where host_id=%lu", h.id);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:235:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:266:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dl = atoi(argv[++i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:284:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  retval = boinc_db.open(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:295:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vf.dir, "/mydisks/b/users/boincadm/vda_test");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vdad.cpp:296:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vf.name, "file.ext");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:131:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(av[0], "zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:134:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(av[1], "-j9q");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:144:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(av[0], "unzip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:147:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(av[1], "-oq");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strPart[3][32];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:37:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char in[CHUNK];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:38:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char out[CHUNK];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:93:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char in[CHUNK];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:94:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char out[CHUNK];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:206:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *sf = fopen(source_file.c_str(), "rb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:207:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *rzf = fopen(result_zipfile.c_str(), "wb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:212:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  rzf = fopen(result_zipfile.c_str(), "rb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/testzlibconflict.cpp:213:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *rf = fopen(result_file.c_str(), "wb");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:389:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *incname[2]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:492:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(G.redirect_pointer, rawbuf, size); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:599:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hh, h, RAND_HEAD_LEN); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/explode.c:339:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(redirSlide + w, redirSlide + d, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/explode.c:457:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(redirSlide + w, redirSlide + d, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:144:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static ZCONST char Far *ComprNames[NUM_METHODS] = { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:1532:25: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(G.answerbuf, "{ENTER}"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:2137:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Info(slide, 1, ((char *)slide, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:2285:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)tgt, (char *)G.inptr, (extent)G.incnt); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:2359:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)G.outbufptr, (char *)rawbuf, (extent)size); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:2411:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)ucdata, (ZCONST char *)init, needlen); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:2416:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ucdata, ebdata+EB_IZVMS_HLEN, usiz); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:2645:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy((char *)se, "..."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:228:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
G.zipfd = open(G.zipfn, O_RDONLY, 0, OPNZIP_RMS_ARGS); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:231:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). G.zipfd = open(G.zipfn, 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:237:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). G.zipfd = fopen(G.zipfn, FOPR); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:239:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). G.zipfd = open(G.zipfn, O_RDONLY | O_BINARY); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:285:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *tmp = fopen(G.filename, "wb+"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:354:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(numtail,"%u", ++i); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:410:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((G.outfile = fopen(tfilnam, FOPW)) == (FILE *)NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:598:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, G.inptr, count); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:1730:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[20]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:1767:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "%02d/%02d/%02d %02d:%02d:%02d", mo+1, dy+1, yr, hh, mm, ss); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2010:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_fnote[2 * AMIGA_FILENOTELEN]; /* extra room for squozen chars */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2500:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2643:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. zvoid *memcpy(dst, src, len) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:30:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char central_hdr_sig[4] = {0, 0, 0x01, 0x02}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_hdr_sig[4] = {0, 0, 0x03, 0x04}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:32:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end_central_sig[4] = {0, 0, 0x05, 0x06}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:33:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char end_central64_sig[4] = {0, 0, 0x06, 0x06}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:34:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end_centloc64_sig[4] = {0, 0, 0x06, 0x07}; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ZCONST char *fnames[2] = {"*", NULL}; /* default filenames vector */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char answerbuf[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[FILNAMSIZ]; /* also used by NT for temporary SFX path */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:351:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fzofft_buf[FZOFFT_NUM][FZOFFT_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:355:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rgchBigBuffer[512]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:356:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rgchSmallBuffer[96]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:357:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rgchSmallBuffer2[160]; /* boosted to 160 for local3[] in unzip.c */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:379:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char autorun_command[FILNAMSIZ]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:401:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char local_hdr_sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:402:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char central_hdr_sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:403:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char end_central_sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:404:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char end_central32_sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:405:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern char end_central64_sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/globals.h:406:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char end_centloc64_sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/inflate.c:1021:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(redirSlide + (unsigned)w, redirSlide + d, e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sgn, cfactorstr[10]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char methbuf[8]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:121:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static ZCONST char Far method[NUM_METHODS+1][8] = data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:152:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Info(slide, 0, ((char *)slide, LoadFarString(CaseConversion), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:342:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&methbuf[4], "%03u", G.crec.compression_method); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:422:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pat[256], str[256]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1048:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char waste[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1156:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)G.hold, (char *)G.inbuf, 3); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1188:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)G.hold, (char *)G.inbuf, 3); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2234:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mb[6]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2350:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d[3]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2351:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e[11]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2371:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(d, "%02x", b[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2443:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[9]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kbbuf[16]; /* input buffer with - some - excess length */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:416:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (envptr == (char *)NULL || (n = atoi(envptr)) < 5) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:426:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (envptr == (char *)NULL || (n = atoi(envptr)) < 5) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:623:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = open(_PATH_TTY, 0)) == -1) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:673:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = fopen(ctermid(NULL), "r")) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fnbuf[1]; /* buffer stub for directory name */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:130:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define opendir(path) fopen(path,"r") data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:147:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dirp->dirhandle = fopen(dirspec, "r")) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:512:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathcomp[FILNAMSIZ]; /* path-component buffer */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:688:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pathcomp, "__"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:706:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(pathcomp+strlen(pathcomp), ",%03x", (int)(ft>>8) & 0xFFF); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1026:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[FILNAMSIZ+40]; /* buffer for system() call */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1159:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(slnk_entry->buf, &(G.pInfo->file_attr), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1162:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(slnk_entry->buf + 4, z_uidgid, sizeof(z_uidgid)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1220:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Info(slide, 0x201, ((char *)slide, CannotSetItemUidGid, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1224:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
Info(slide, 0x201, ((char *)slide, CannotSetUidGid, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1294:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Info(slide, 0x201, ((char *)slide, CannotSetItemUidGid, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cc_namebuf[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1424:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cc_versbuf[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1427:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cc_versbuf[17]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1430:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char cc_versbuf[25];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1433:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cc_versbuf[17];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1437:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cc_versbuf[40];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1445:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char os_namebuf[40];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1448:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char os_namebuf[40];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1457:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(cc_namebuf, "NeXT DevKit %d.%02d ",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1467:18: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  "Sun C ", (sprintf(cc_versbuf, "version %x", __SUNPRO_C), cc_versbuf),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1472:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(cc_versbuf, "version A.%02d.%02d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1474:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(cc_versbuf, "version A.%02d.%02d.%02d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1480:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(cc_versbuf, "%c%d.%d-%03d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1488:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  "cc ", (sprintf(cc_versbuf, "version %d", _RELEASE), cc_versbuf),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1492:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(cc_versbuf, "version %d.%d.%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1555:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(os_namebuf, " (Cray UNICOS release %d)", _UNICOS), os_namebuf),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1588:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(os_namebuf, " (NetBSD 0.8%c)", (char)(NetBSD0_8 - 1 + 'A')),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1592:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(os_namebuf, " (NetBSD 0.9%c)", (char)(NetBSD0_9 - 1 + 'A')),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1596:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(os_namebuf, " (NetBSD 1.0%c)", (char)(NetBSD1_0 - 1 + 'A')),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1733:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char d_name[36] __attribute__ ((packed));/* name area */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1745:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char eb_header[4] __attribute__ ((packed)); /* place_holder */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1746:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char longid[8] __attribute__ ((packed));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1751:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char eb_header[4]; /* place_holder */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1752:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char longid[4];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unxcfg.h:220:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *dirname, matchname[FILNAMSIZ];\
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.h:590:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char betalevel[10]; /* e.g. "g BETA" or "" */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.h:591:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date[20]; /* e.g. "9 Oct 08" (beta) or "9 October 2008" */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.h:592:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zlib_version[10]; /* e.g. "1.2.3" or NULL */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:537:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  extern int open(), close(), read();
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1288:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  # define memcpy(dest,src,len) bcopy(src,dest,len)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1288:34: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  # define memcpy(dest,src,len) bcopy(src,dest,len)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1366:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define zfopen fopen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1422:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define zfopen fopen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1445:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define zfopen fopen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1469:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define zfopen fopen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1498:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define zfopen fopen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:1997:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1]; /* start of system-specific internal data */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2008:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1]; /* data/name/link buffer */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2347:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  zvoid *memcpy OF((register zvoid *, register ZCONST zvoid *,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:3025:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern ZCONST char *fnames[2];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c:261:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char TempRootPath[MAX_PATH + 1];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.c:403:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(VolumeCaps, &g_VolumeCaps, sizeof(VOLUMECAPS));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/nt.h:26:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char RootPath[MAX_PATH+1]; /* path to network / filesystem */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h:302:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lastRootPath[4];\
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/w32cfg.h:306:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *dirname, matchname[FILNAMSIZ];\
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:95:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reserved [21];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:100:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char d_name[MAX_PATH];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:123:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1]; /* buffer stub for directory SD and name */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:243:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(p+len, "/*");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1208:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(d_entry->buf, ebSDptr, ebSDlen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1381:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rootPathName[4];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1412:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp1[MAX_PATH], tmp2[MAX_PATH];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1663:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathcomp[FILNAMSIZ]; /* path-component buffer */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1787:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pp, cp, CLEN(cp));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1885:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(pathcomp+strlen(pathcomp), ",%03x", (int)(ft>>8) & 0xFFF);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1901:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char drive[4];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1912:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(drive + 1, ":\\");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2356:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpN[MAX_PATH], *tmpP;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2497:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char df[2]; /* LOCALE_IDATE has a maximum value of 2 */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2520:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char df[2]; /* use only if it is one character */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2541:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2543:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[80];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2550:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(buf, "Microsoft C %d.%02d ", _MSC_VER/100, _MSC_VER%100), buf),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2558:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(buf2, "(Visual C++ %d.%d)", _MSC_VER/100 - 6, _MSC_VER%100/10),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2565:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(buf, "Watcom C/C++ %d.%02d", __WATCOMC__ / 100,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2568:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(buf, "Watcom C/C++ %d.%d", __WATCOMC__ / 100,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2607:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(buf, "rsxnt(djgpp v%d.%02d) / gcc ",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2610:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (sprintf(buf, "rsxnt(emx+djgpp v%d.%02d) / gcc ",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2913:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[2];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2959:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[9];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3042:13: [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  ulenw = MultiByteToWideChar(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3060:12: [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  ulen = MultiByteToWideChar(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3087:13: [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  ulenw = MultiByteToWideChar(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3105:12: [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  ulen = MultiByteToWideChar(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32i64.c:116:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fTemp = fopen(filename, mode);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:355:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far *izVMScomp[4] =
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:400:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far *TandemFileformat[6] =
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:998:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workspace[12], attribs[22];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1000:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unkn[16];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1001:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far *os[NUM_HOSTS] = {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1008:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far *method[NUM_METHODS] = {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1013:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far *dtypelng[4] = {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1100:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide, LoadFarString(CompressSubtype),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1528:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *p, q[8];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1566:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1576:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char types[80];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1615:46: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1620:46: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1626:46: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1693:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1704:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filenameBuf[32];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1706:25: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(filenameBuf, &ef_ptr[33], 31);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1719:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[100];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1755:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide, LoadFarString(QDOSdata),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1763:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide, LoadFarString(AOSVSdata),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1783:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1793:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char md5[33];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1797:29: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&md5[i<<1], "%02x", ef_ptr[15-i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1818:46: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  Info(slide, 0, ((char *)slide,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1884:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *p, workspace[12], attribs[16];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1885:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char methbuf[5];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1886:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char dtype[5]="NXFS"; /* normal, maximum, fast, superfast */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1887:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far os[NUM_HOSTS+1][4] = {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1896:19: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static ZCONST char Far method[NUM_METHODS+1][5] = {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1924:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&methbuf[1], "%03u", G.crec.compression_method);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1972:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1990:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2015:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2042:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2061:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(attribs, ".r.-... %u.%u", hostver/10, hostver%10);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2117:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(&attribs[12], "%u.%u", hostver/10, hostver%10);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2208:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
Info(slide, 0, ((char *)slide, LoadFarString(MacOSdata), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2214:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Info(slide, 0, ((char *)slide, LoadFarString(MacOSdata1), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char monthbuf[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:2243:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static ZCONST char Far month[12][4] = { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/deflate.c:623:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)window, (char*)window+WSIZE, (unsigned)WSIZE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/revision.h:45:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern ZCONST char *copyright[1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/revision.h:46:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern ZCONST char * far swlicense[50]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/revision.h:47:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern ZCONST char * far versinfolines[7]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/revision.h:48:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern ZCONST char * far cryptnote[7]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:273:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. IZ_IMP char *memcpy(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:281:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
IZ_IMP long atol(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:556:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:576:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:606:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:626:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:653:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
# define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:680:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:712:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zfopen fopen data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/trees.c:1450:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_buf, block, out_offset); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/trees.c:1466:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_buf + out_offset, block, len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:76:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define opendir(path) fopen(path, "r") data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:473:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(extra, z->extra, z->ext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:475:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(cextra, z->cextra, z->cext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:556:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((z->cextra) + z->cext, (z->extra) + z->ext, 4 + ef_data_size); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:657:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(z->cextra, z->extra, EB_C_UT_SIZE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:662:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(z->cextra+EB_C_UT_SIZE, z->extra+EB_L_UT_SIZE, EB_C_UX2_SIZE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:734:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char compiler_name[80]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:738:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char compiler_name[33]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:741:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char compiler_name[33]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:744:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char compiler_name[33]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:748:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char compiler_name[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:758:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char os_name[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:762:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char os_name[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:767:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char os_name[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:774:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(compiler_name, "NeXT DevKit %d.%02d (gcc " __VERSION__ ")", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:782:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( compiler_name, "Sun C version %x", __SUNPRO_C); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:788:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( compiler_name, "HP C version A.%02d.%02d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:793:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( compiler_name, "HP C version A.%02d.%02d.%02d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:799:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( compiler_name, "DEC C version %c%d.%d-%03d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:807:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(compiler_name, "cc version %d", _RELEASE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:811:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf( compiler_name, "IBM C version %d.%d.%d", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:865:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(os_name, "Cray UNICOS release %d", _UNICOS); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:1049:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char no_msg[ 64]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:1057:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( no_msg, "(no message, code = %d.)", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/zipup.h:20:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define zopen(n,p) open(n,p) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1110:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fzofft_buf[ FZOFFT_NUM][ FZOFFT_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1114:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fmt[ 16] = "%"; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1159:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fuzofft_buf[ FZOFFT_NUM][ FZOFFT_LEN]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1163:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fmt[ 16] = "%"; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1206:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempstrg[100]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1247:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi(numstring); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1296:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char digits[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/nt.h:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char RootPath[MAX_PATH+1]; /* path to network / filesystem */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:76:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char root[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:118:3: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t root[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:260:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rootPathName[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tmp1[MAX_PATH], tmp2[MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:297:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t rootPathName[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:298:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t tmp1[MAX_PATH], tmp2[MAX_PATH]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:689:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rootpath[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:690:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char vol[14]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:696:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(rootpath, "x:\\"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1108:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[80]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1157:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Microsoft C %d.%02d ", _MSC_VER/100, _MSC_VER%100); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1166:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf2, "(Visual C++ v%d.%d)", _MSC_VER/100 - 6, _MSC_VER%100/10); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1175:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "Watcom C/C++ %d.%02d", __WATCOMC__ / 100, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1178:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Watcom C/C++ %d.%d", __WATCOMC__ / 100, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1218:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "rsxnt(djgpp v%d.%02d) / gcc ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1222:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "rsxnt(emx+djgpp v%d.%02d) / gcc ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1338:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[9]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1427:11: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). wsize = MultiByteToWideChar(CP_ACP, 0, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1438:11: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). 
wsize = MultiByteToWideChar(CP_ACP, 0, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32i64.c:103:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fTemp = fopen(filename,mode); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:502:13: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). ulenw = MultiByteToWideChar( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:524:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). ulen = MultiByteToWideChar( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:634:13: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). ulenw = MultiByteToWideChar( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:652:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). ulen = MultiByteToWideChar( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:680:13: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). ulenw = MultiByteToWideChar( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:698:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). ulen = MultiByteToWideChar( data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1581:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((h = open(f, 0)) != -1) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1771:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char stackbuffer[NTSD_BUFFERSIZE]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1841:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "security info too large to store (%ld bytes), %d max", bytes, 0x7FFF); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1866:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, " (%ld bytes security)", bytes); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1938:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(eb_c_ptr, eb_l_ptr, EB_C_UT_SIZE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c:218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char TempRootPath[MAX_PATH + 1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/z_nt.c:352:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(VolumeCaps, &g_VolumeCaps, sizeof(VOLUMECAPS)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/zipup.h:33:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define zopen(n,p) open(n,p) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:110:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[GETNAM_MAX + 1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:469:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempbuf[FNMAX+4081]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:473:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(errbuf, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:479:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(errbuf, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:482:11: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf, "\n this may be a result of using -j");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1362:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(t+1, tempath, l2); /* insert new hlq */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1380:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cur_subvol [FILENAME_MAX];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1381:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_subvol [FILENAME_MAX];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1486:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(p, "%08lx", (ulg)time(NULL));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1490:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(t, "ziXXXXXX"); /* must use lowercase for Linux dos file system */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1590:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sbuf[4]; /* buffer for sliding signature window for fix = 2 */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1977:1: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst,src,len) /* v2.0f */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2043:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[SPLIT_MAXPATH + 100];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2085:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(split_dir, "(current directory)");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2185:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "(current directory)");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2233:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(split_path, "r")) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2248:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(split_path, "r")) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2286:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[FNMAX + 40];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2313:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(split_dir, "(current directory)");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2351:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "(current directory)");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2421:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ext[6];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2446:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(ext, "z%02lu", num);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2492:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ext[6];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2508:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(ext, "z%02lu", num);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2715:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tempzip, "ziXXXXXX");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2717:21: [2] (tmpfile) mkstemp:
  Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this.
  Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  if ((yd = mkstemp(tempzip)) == EOF) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3001:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mb[6];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3156:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char e[7];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3183:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(e, "%02x", b[i]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3284:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[9];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3359:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[9];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3714:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  local char Far optionerrbuf[OPTIONERR_BUF_SIZE + 1];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3745:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char optname[50];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4101:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4127:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4197:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ((arg = (char *)malloc(strlen(args[argnum]) + 1)) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4302:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4705:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4759:22: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_globals.c:25:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[FNMAX+4081];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1052:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bz_opt_ver[81];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1053:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bz_opt_ver2[81];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1054:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bz_opt_ver3[81];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1203:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( bz_opt_ver,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1205:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( bz_opt_ver2,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1207:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( bz_opt_ver3,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1289:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[4004];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1291:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1001];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1296:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(cmd, " -v");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1317:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "Found UnZip version %4.2f", UnZip_Version);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1407:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(path, zippath, len);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1408:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(&path[len], "unzip.exe");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1479:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(cmd, "unzip -t ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1481:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(cmd, "-Q4 ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1483:19: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (!verbose) strcat(cmd, "-qq ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1552:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pattern + 1, "r");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1680:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempstrg[100];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3444:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errbuf, "no such option ID: %ld", option);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3554:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mode[10];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3573:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(p, ".log");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3893:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tempzip, "ziXXXXXX");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3895:17: [2] (tmpfile) mkstemp:
  Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  if ((yd = mkstemp(tempzip)) == EOF) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4562:13: [2] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. Risk is low because the source is a constant string.
  wcscpy(fnw, L"testdir/");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4573:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(fn, "testdir/");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4580:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(fn, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4586:11: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(fn, "testdir/");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4597:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(fn, "w");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4712:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(errbuf, "try: zip \"");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4714:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(strcat(errbuf, args[i]), "\" ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4715:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant string.
  strcat(strcat(errbuf, args[i]), " *.* -i");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4717:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(errbuf, "try: zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4721:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf, " \"\" -i");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4723:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf, " . -i");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4894:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tempzip, "ziXXXXXX");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4896:17: [2] (tmpfile) mkstemp:
  Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  if ((yd = mkstemp(tempzip)) == EOF) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5658:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempstrg[100];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5671:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempstrg[100];
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5816:16: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(strcat(strcpy(p, zcomment), "\r\n"), e);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:319:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char errbuf[FNMAX+4081]; /* Handy place to build error messages */
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.h:727:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  char *memcpy OF((char *, char *, unsigned int));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:423:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(r[-1] == '.' ? r - 1 : r, ".zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:428:11: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(q, ".zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:430:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(t, ".zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:435:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(t, " ZIP");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:437:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(t, ".zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:444:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(t, "_zip");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:737:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(returnExtra, newExtra, newExtraLen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:755:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tempExtra + returnExtraLen, pTemp, blocksize + 4);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:762:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tempExtra + returnExtraLen, newExtra, newExtraLen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:768:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(returnExtra, tempExtra, returnExtraLen);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:855:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:857:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:955:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:957:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errbuf,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1191:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pTemp, pZipListEntry->cextra, len);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1192:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pTemp + len, pExtraFieldPtr + oldefsize,
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1257:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( pTemp, pZEntry->extra, usTemp );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1262:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( pTemp, pOldTemp, usTemp);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1302:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( pTemp, pZEntry->cextra, usTemp );
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1307:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data. memcpy( pTemp, pOldTemp, usTemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1387:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pTemp, pZEntry->extra, usTemp ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1392:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pTemp, pOldTemp, usTemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1487:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pTemp, pZEntry->extra, usTemp ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1492:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pTemp, pOldTemp, usTemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1619:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pTemp, pZEntry->cextra, usTemp ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1624:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( pTemp, pOldTemp, usTemp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1698:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char waste[ 4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1771:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "made by version %d.%d on system type %d: ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1778:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "needs unzip %d.%d on system type %d: ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1793:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "local flags = 0x%04x, central = 0x%04x: ", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1800:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "undefined bits used in flags = 0x%04x: ", z->flg); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1804:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "unknown compression method %u: ", z->how); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1809:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "starts on disk %lu: ", z->dsk); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1814:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(errbuf, "unknown internal attributes = 0x%04x: ", z->att); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1823:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "unknown external attributes = 0x%08lx: ", z->atx); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1837:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[CENHEAD]; /* buffer for central headers */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2002:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "%lu", (ulg)zcount + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[LOCHEAD + 1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2295:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(errbuf, "Local Version Needed (%d) does not match CD (%d): ", locz->ver, z->ver); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2329:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[CENHEAD]; /* buffer for central headers */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bf[8]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2647:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "%lu", (ulg)zcount + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2767:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2808:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, " offset %u--local = %02x, central = %02x", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2909:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[16]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2937:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. local char sigbuf[4]; /* signature found */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3039:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3085:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tsig1[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3086:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tsig2[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3134:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char sig[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3135:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[4]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3204:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scbuf[FIXSCAN_BUFSIZE]; /* buffer big enough for headers */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3249:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errbuf, "if archive to fix is split archive, need to provide\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3250:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(errbuf, " path of the last split with .zip extension,\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3251:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(errbuf, " even if it doesn't exist (zip will ask for splits)"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3291:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errbuf, "Missing end (EOCDR) signature - either this archive\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3292:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(errbuf, " is not readable or the end is damaged"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3392:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, " Found end record (EOCDR) - says expect %lu splits", total_disks); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3394:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, " Found end record (EOCDR) - says expect single disk archive"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3516:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "skipping disk %lu ...\n", current_in_disk); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3745:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(errbuf, "%lu", (ulg)zcount + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3779:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "local (%lu) and cen (%lu) crc mismatch", z->crc, cz->crc); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3923:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuftemp[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3925:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errbuf, "unexpected signature "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3927:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuftemp, "%02x ", sigbuf[c]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4022:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scbuf[SCAN_BUFSIZE]; /* buffer just enough for all header types */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4394:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(errbuf, "Zip entry offsets do not need adjusting"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4584:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "This archive requires version %d.%d", major, minor); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4652:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "skipping disk %lu ...\n", current_in_disk); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4723:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuftemp[40]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4725:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errbuf, "bad archive - unexpected signature "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4727:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuftemp, "%02x ", sigbuf[c]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4821:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(errbuf, "%lu", (ulg)zcount + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6018:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[LOCHEAD + 1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6134:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "Illegal host system mapping in local header: %d", os); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6147:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "Illegal PK version mapping in local header: %d", pkver); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6156:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "Unrecognized compression method in local header: %d", localz->how); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6701:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(r, ".DIR;1"); /* this assumes a little padding--see PAD */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:190:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. local char file_outbuf[1024]; /* output buffer for compression to file */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char typestr[4]; /* filetype hex string taken from a */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:367:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(typestr,"%.3X",(((unsigned*)a)[2] & 0x000FFF00) >> 8); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:488:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempextra, z->extra, z->ext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:495:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempcextra, z->cextra, z->cext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1225:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, b, size); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1321:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(errbuf, "cannot initialize zlib deflate"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1324:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "zlib deflateInit failure (%d)", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1373:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, in_buf + in_offset, (unsigned)block_size); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1487:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "unexpected zlib deflate error %d", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1565:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "unexpected zlib deflate error %d", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1688:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "cannot initialize bzlib compress"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1691:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "bzlib bzCompressInit failure (%d)", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1795:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(errbuf, "unexpected bzlib compress error %d", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:1902:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errbuf, "unexpected bzlib compress error %d", err); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:741:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1091:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t prefix_len = strlen(UPLOAD_FILE_STATUS_PREFIX); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1149:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1160:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1515:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(p)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api.cpp:1516:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = fwrite(p, strlen(p), 1, f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_api_fortran.cpp:58:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (int i=strlen(p); i<len; i++) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:62:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(vendor)) return CL_INVALID_DEVICE_TYPE; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:97:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((!type) || (!strlen(type))) return CL_INVALID_DEVICE_TYPE; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:185:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(aid.gpu_type)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:201:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((!gpu_type) || !strlen(gpu_type)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/boinc_opencl.cpp:268:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(aid.gpu_type)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/graphics2_win.cpp:156:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(aid.app_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil.cpp:729:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). glCallLists((GLsizei)strlen(string), GL_UNSIGNED_BYTE, string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/gutil_text.cpp:322:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(text[i])) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:147:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). datalen = strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/mac_icon.cpp:187:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=strlen(pathBuf)-1; i>=0; --i) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/make_app_icon_h.cpp:62:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(inFile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/make_app_icon_h.cpp:72:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while ((c = getc(inFile)) != EOF) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/windows_opengl.cpp:141:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(aid.app_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/windows_opengl.cpp:235:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(graphics_msg.window_station) > 0 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/windows_opengl.cpp:236:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(graphics_msg.desktop) > 0 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/x_opengl.cpp:360:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(aid.app_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/api/x_opengl.cpp:490:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(m.display)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/error.cpp:29:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getchar(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/apps/upper_case.cpp:220:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(infile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:70:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(ami.master_url) && strlen(gstate.acct_mgr_info.master_url)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:70:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(ami.master_url) && strlen(gstate.acct_mgr_info.master_url)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:96:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ami.authenticator)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:121:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gstate.acct_mgr_info.previous_host_cpid)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:245:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gstate.acct_mgr_info.opaque)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:609:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(ami.signing_key)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:618:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gstate.acct_mgr_info.signing_key) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:630:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  if (strlen(ami.project_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:633:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ami.signing_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:636:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ami.opaque)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:794:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(host_venue) && strcmp(host_venue, gstate.main_host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:846:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(master_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:865:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(signing_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:877:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(login_name) || strlen(authenticator)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:877:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(login_name) || strlen(authenticator)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:889:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(authenticator)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:916:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(user_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:920:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(team_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.cpp:1090:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(user_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:100:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(master_url)) return false;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:101:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(authenticator)) return true;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:102:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(login_name)) return false;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/acct_mgr.h:103:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(password_hash)) return false;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:766:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(app_version->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:774:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(web_graphics_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:780:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(remote_desktop_addr)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app.cpp:1064:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t prefix_len = strlen(UPLOAD_FILE_REQ_PREFIX);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_config.cpp:75:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t cmdline_len = strlen(avc.cmdline);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:640:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p && strlen(buf)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:647:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p && strlen(buf)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_control.cpp:665:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(buf, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:62:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(m.window_station)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:66:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(m.desktop)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_graphics.cpp:70:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(m.display)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:356:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(avp->file_prefix)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:369:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (is_io_file && strlen(app_version->file_prefix)) return true;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:391:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(fref.open_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:665:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(exec_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:893:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(result->cmdline)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1144:13: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(2);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/app_start.cpp:1239:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(app_version->plan_class)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_cmd.cpp:304:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(passwd)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/boinc_log.cpp:167:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(datadir)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/check_security.cpp:620:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  datalen = strlen(buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:70:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (strlen(message) && message[strlen(message)-1] == '\n') {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:70:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (strlen(message) && message[strlen(message)-1] == '\n') {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_msgs.cpp:71:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  message[strlen(message)-1] = 0;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:285:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(host_info.virtualbox_version)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:779:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(project_init.url) && strlen(project_init.account_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:779:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(project_init.url) && strlen(project_init.account_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_state.cpp:1197:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(host_info.domain_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:138:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(user_friendly_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:305:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(name)) return ERR_BAD_FILENAME;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:450:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(md5_cksum)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:468:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(file_signature)) out.printf(" <file_signature>\n%s\n</file_signature>\n", file_signature);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:488:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(xml_signature)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:621:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(new_info.file_signature)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:624:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(new_info.xml_signature)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:933:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(plan_class)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:936:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(api_version)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:939:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(cmdline)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:942:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(file_prefix)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:961:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (missing_coproc && strlen(missing_coproc_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.cpp:1084:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(open_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/client_types.h:249:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(project_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:76:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(project_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:302:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:313:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(p->host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_account.cpp:526:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(auth)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:211:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (!strncmp(argv[i], "-psn_", strlen("-psn_"))) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:280:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p && strlen(p) > 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:311:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p && strlen(p)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:346:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(detach_project_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:360:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(reset_project_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:372:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(update_prefs_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_cmdline.cpp:382:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(attach_project_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:249:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(file_signature) && !cert_sigs) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:282:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(cksum)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:315:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strlen(md5_cksum)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_files.cpp:316:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(cksum)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:335:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(n1.guid)) return false;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:360:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n2.seqno, strlen(n2.title)?n2.title:n2.description.c_str()
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:371:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n2.seqno, strlen(n2.title)?n2.title:n2.description.c_str()
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:425:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(n.title)?n.title:n.description.c_str()
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:443:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(n.feed_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:520:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(n.feed_url)) continue;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_notice.cpp:645:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!poll_interval || !strlen(url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:518:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(main_host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:547:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t app_file_open_tag_len = strlen("<app_file>");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:548:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t app_file_close_tag_len = strlen("</app_file>");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_prefs.cpp:605:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(main_host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:158:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(p->code_sign_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:177:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (pp && strlen(pp->email_hash)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:315:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(rp->avp->plan_class)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:382:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(client_brand)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:601:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sr.master_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:786:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(project->code_sign_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:876:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(avpp.platform) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_scheduler.cpp:975:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(rp->platform) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:281:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(avp->platform) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:375:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(rp->platform) || !is_supported_platform(rp->platform)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:798:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(language)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:813:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(main_host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:952:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(avp->platform) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_statefile.cpp:1046:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(main_host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:62:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t prefix_len = strlen("trickle_up_");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:218:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t trickle_len = strlen(msg) + 4096;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/cs_trickle.cpp:290:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = (int)strlen(msg)+1;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:136:20: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  old_mask = umask(2); // Allow writing by group
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:141:9: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(old_mask);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:150:20: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  old_mask = umask(2);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:158:9: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(old_mask);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:189:20: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  old_mask = umask(2); // Allow writing by group
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:194:9: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(old_mask);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:205:20: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  old_mask = umask(2);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:213:9: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(old_mask);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:279:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  q = filename + strlen("account_");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:284:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  q = p + strlen(".xml");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:285:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(q)) return false;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:297:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  q = filename + strlen("statistics_");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:308:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  q = p + strlen(".xml");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/file_names.cpp:309:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(q)) return false;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gpu_opencl.cpp:958:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) && ciErrNum == CL_SUCCESS) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:138:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(password)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:214:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!(buf[0] =='#' || buf[0] == ';') && strlen(buf) > 0 ) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:257:66: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  socklen_t len = offsetof(struct sockaddr_un, sun_path) + 1 + strlen(&addr.sun_path[1]);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:265:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  socklen_t len = offsetof(sockaddr_un, sun_path) + strlen(GUI_RPC_FILE);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server.cpp:500:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(password)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:82:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t HTTP_HEADER_DELIM_LEN = strlen(HTTP_HEADER_DELIM); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:100:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((const unsigned char*)buf2, (int)strlen(buf2), nonce_hash_correct); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:411:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(hi.product_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:417:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(hi.os_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:424:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(hi.os_version)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:433:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(hi.domain_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:589:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(result_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:669:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gstate.acct_mgr_info.login_name) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:670:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(gstate.acct_mgr_info.authenticator) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:770:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(gstate.project_init.account_key)?"<has_account_key/>":"", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:881:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(gstate.project_init.url)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:886:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(gstate.project_init.account_key)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1135:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1209:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1515:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(atp->app_version->graphics_exec_path)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1612:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = request?(int)strlen(request):0; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1614:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((const unsigned char*)buf, (int)strlen(buf), my_hash, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1647:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = sscanf(p+strlen("Auth-ID: "), "%d", &auth_id); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1651:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = sscanf(p+strlen("Auth-Seqno: "), "%ld", &auth_seqno); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1655:9: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. 
n = sscanf(p+strlen("Auth-Hash: "), "%64s", auth_hash); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1655:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = sscanf(p+strlen("Auth-Hash: "), "%64s", auth_hash); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1705:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(d.device_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1901:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen("Content-Length: "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1906:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(p) < n) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1925:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, msg, (int)strlen(msg), 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1979:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, buf, (int)strlen(buf), 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:1993:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
n = read(sock, request_msg+request_nbytes, left); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:2027:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, buf, (int)strlen(buf), 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:2115:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n+(int)strlen(XML_HEADER) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/gui_rpc_server_ops.cpp:2117:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, buf, (int)strlen(buf), 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:73:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dist_pretty, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:74:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dist_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:75:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(dist_version, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:76:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dist_codename, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:160:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf2, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:161:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_pretty)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:165:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:167:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf2, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:169:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(dist_version)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:171:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf2, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:173:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_codename)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:175:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf2, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_linux.cpp:180:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:67:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(domain_name) && strcmp(domain_name, "localhost")) return 0; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:123:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
md5_block((const unsigned char*) buf, (int)strlen(buf), out); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_network.cpp:165:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((const unsigned char*) buf, (int)strlen(buf), host_cpid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:318:20: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. (void) fscanf(fapm, "%10s %d.%d %x %x", data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:517:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(host.p_vendor) - strlen(host.p_vendor) - 1 data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:529:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int t = sizeof(host.product_name) - strlen(host.product_name) - 2; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:532:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(host.product_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:575:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlcpy(buf2, strchr(buf, ':') + 1, sizeof(host.p_model) - strlen(host.p_model) - 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:583:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). family = atoi(buf+strlen("cpu family\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:588:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). model = atoi(buf+strlen("model\t\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:592:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). model = atoi(buf+strlen("model : ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:597:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). stepping = atoi(buf+strlen("stepping\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:600:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU implementer") && strlen(implementer) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:604:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strstr(buf, "CPU architecture") && strlen(architecture) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:608:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU variant") && strlen(variant) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:612:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU part") && strlen(cpu_part) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:616:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU revision") && strlen(revision) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:659:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(features)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:685:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(implementer)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:689:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(architecture)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:693:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(variant)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:697:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cpu_part)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:701:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(revision)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:708:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(features)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1488:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix.cpp:1551:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(host_cpid)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:48:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define strlcpy strncpy data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:49:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. 
#define strlcat strncat data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:295:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_pretty)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:299:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:303:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_version)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:307:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_codename)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:314:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dist_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:419:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(buf2, strchr(buf, ':') + 2, sizeof(p_vendor) - strlen(p_vendor) - 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:430:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int t = sizeof(product_name) - strlen(product_name) - 2; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:433:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(product_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:477:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(buf2, strchr(buf, ':') + 2, sizeof(p_model) - strlen(p_model) - 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:486:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). family = atoi(buf+strlen("cpu family\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:491:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). model = atoi(buf+strlen("model\t\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:495:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). model = atoi(buf+strlen("model : ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:500:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
stepping = atoi(buf+strlen("stepping\t: ")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:503:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU implementer") && strlen(implementer) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:507:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU architecture") && strlen(architecture) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:511:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU variant") && strlen(variant) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:515:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU part") && strlen(cpu_part) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:519:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(buf, "CPU revision") && strlen(revision) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:563:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(features)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:589:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(implementer)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:593:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(architecture)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:597:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(variant)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:601:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cpu_part)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:605:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(revision)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:612:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(features)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_unix_test.cpp:703:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(dist_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:912:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(osvi.szCSDVersion) > 0 ) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:921:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(osvi.szCSDVersion) > 0 ) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:1057:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(name); i++) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_win.cpp:1507:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(host_cpid)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:171:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). DWORD avail, read, exitcode; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:180:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!ReadFile(out_read, buf, bufsize - 1, &read, NULL) || read == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/hostinfo_wsl.cpp:184:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[read] = '\0'; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:78:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(gstate.client_brand)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:123:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (phop->lSeek < (long) strlen(phop->req1)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:128:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). stRead = (int)strlen(phop->req1) - phop->lSeek; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:145:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (phop->lSeek >= (long) strlen(phop->req1)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:368:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). content_length += (int)strlen(req1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:495:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(m_curl_ca_bundle_location) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:603:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gstate.language)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:618:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(outfile)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:652:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (infile && strlen(infile)>0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:871:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pi.socks5_user_passwd) || strlen(pi.socks5_user_name) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:871:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pi.socks5_user_passwd) || strlen(pi.socks5_user_name) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/http_curl.cpp:880:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (pi.have_autodetect_proxy_settings && strlen(pi.autodetect_server_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:57:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = (int)strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:64:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 60) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:110:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/log_flags.cpp:181:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(buf[0] =='#' || buf[0] == ';') && strlen(buf) > 0 ) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/mac_address.cpp:163:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(address, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/mac_address.cpp:245:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(address, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/main.cpp:204:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
umask (6);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:384:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(gstate.acct_mgr_info.user_name)
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:536:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(host_venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/project.cpp:547:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(code_sign_key)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:246:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(plan_class)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:399:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(schedule_backoff_reason)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:411:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(resources)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/result.cpp:448:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(resources)>1) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:111:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
ssize_t count = read(fds_out[0], buffer, sizeof(buffer));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sandbox.cpp:128:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
ssize_t count = read(fds_err[0], buffer, sizeof(buffer));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:256:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/scheduler_op.cpp:334:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t scheduler_close_tag_len = strlen("</scheduler>");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:90:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(message)&&message[strlen(message)-1] == '\n') {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:90:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(message)&&message[strlen(message)-1] == '\n') {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/client/sim_util.cpp:91:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
message[strlen(message)-1] = 0;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:866:13: [1] (buffer) _tcsncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or automatically resizing strings. Risk is low because the source is a constant string.
_tcsncat(szPath, _T("\\boinc"), ((sizeof(szPath)/sizeof(TCHAR)) - _tcslen(szPath)));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/BOINCGUIApp.cpp:866:79: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
_tcsncat(szPath, _T("\\boinc"), ((sizeof(szPath)/sizeof(TCHAR)) - _tcslen(szPath)));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgItemProperties.cpp:290:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(project->venue)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgItemProperties.cpp:392:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(result->resources)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgItemProperties.cpp:498:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(app->user_friendly_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/DlgItemProperties.cpp:504:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(avp->plan_class)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1743:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rp->web_graphics_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1748:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rp->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1840:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(res->remote_desktop_addr)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1909:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(state.host_info.domain_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1942:91: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
wxString strDomainName = wxString(state.host_info.domain_name, wxConvUTF8, strlen(state.host_info.domain_name));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:1958:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
wxString strDomainName = wxString(state.host_info.domain_name, wxConvUTF8, strlen(state.host_info.domain_name));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:2562:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(result->scheduler_wait_reason)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/MainDocument.cpp:2622:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(result->resources)>1 && show_resources) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/ViewWork.cpp:919:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(result->remote_desktop_addr)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/ViewWork.cpp:925:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(result->web_graphics_url) && !strlen(result->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/ViewWork.cpp:925:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(result->web_graphics_url) && !strlen(result->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/ViewWork.cpp:1128:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(app->user_friendly_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/ViewWork.cpp:1134:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(avp->plan_class)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/msw/taskbarex.cpp:134:9: [1] (buffer) lstrcpyn: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
lstrcpyn(notifyData.szTip, message.c_str(), ARRAYSIZE(notifyData.szTip));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/msw/taskbarex.cpp:159:5: [1] (buffer) lstrcpyn: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
lstrcpyn(notifyData.szInfoTitle, title.c_str(), ARRAYSIZE(notifyData.szInfoTitle));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/msw/taskbarex.cpp:160:5: [1] (buffer) lstrcpyn: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
lstrcpyn(notifyData.szInfo, message.c_str(), ARRAYSIZE(notifyData.szInfo));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/msw/taskbarex.cpp:184:5: [1] (buffer) lstrcpyn: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
lstrcpyn(notifyData.szInfoTitle, title.c_str(), ARRAYSIZE(notifyData.szInfoTitle));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/msw/taskbarex.cpp:185:5: [1] (buffer) lstrcpyn: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
lstrcpyn(notifyData.szInfo, message.c_str(), ARRAYSIZE(notifyData.szInfo));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_ProjectPanel.cpp:453:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskCommandPopup.cpp:137:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(result->web_graphics_url) && !strlen(result->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskCommandPopup.cpp:137:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(result->web_graphics_url) && !strlen(result->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskCommandPopup.cpp:273:68: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
wxString name = wxString(selData->result_name, wxConvUTF8, strlen(selData->result_name));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/sg_TaskPanel.cpp:806:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(app->user_friendly_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientgui/stdwx.h:217:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
#define read _read
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:550:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(passwd_buf)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:820:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(passwd_buf)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/mac_saver_module.cpp:920:17: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
strncat(m_MessageText, s, p - s);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:124:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(res.results[i]->graphics_exec_path)) continue;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:185:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(res.results[i]->graphics_exec_path)) continue;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:204:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = (char *)malloc(strlen(gfxAppPath)+1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver.cpp:234:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rp->graphics_exec_path)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:515:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:520:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_win.cpp:702:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(pszError, m_szError, iErrorSize);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_x11.cpp:497:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
con, 0, strlen("_NET_CLIENT_LIST"), "_NET_CLIENT_LIST"
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/clientscr/screensaver_x11.cpp:563:7: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:661:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(updates, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:692:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(updates);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:705:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(updates, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:891:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(updates);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1665:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(mod_clause, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1786:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(updates, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1818:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(updates);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1904:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(main_clause, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1907:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(mod_clause, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1910:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mod_clause+(strlen(mod_clause)), " and wu.id >= %lu", wu_id_min);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:1913:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mod_clause+(strlen(mod_clause)), " and wu.id <= %lu", wu_id_max);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2414:21: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
if (!first) strcat(query, ",");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/db/boinc_db.cpp:2419:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat(query, ")");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:141:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.app_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:144:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.symstore)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:147:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.acct_mgr_url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:150:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ai.project_preferences && strlen(ai.project_preferences)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:153:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.team_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:157:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.user_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:161:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.project_dir)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:164:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.boinc_dir)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:167:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.authenticator)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:170:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.wu_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:173:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.result_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:177:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ai.shmem_seg_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/app_ipc.cpp:539:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
return string(physical_name + strlen(buf));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:65:5: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
int fgetc(FCGI_FILE *f) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.cpp:80:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]=0;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:27:8: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
#undef fgetc
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/boinc_fcgi.h:77:5: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
int fgetc(FCGI_FILE *f);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.cpp:90:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sig.subject) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/cert_sig.cpp:94:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sig.signature) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/common_defs.h:360:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(device_name, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:65:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(type)) return ERR_XML_PARSE;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:146:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(type)) return ERR_XML_PARSE;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:218:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(cp.opencl_prop.name)) continue;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/coproc.cpp:737:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(version)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:108:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
while(EOF!=(j=fgetc(f))) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:130:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(p)/2;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:205:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (strlen(p)-1)/2;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:300:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
in_block.len = (unsigned int)strlen(md5_buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:313:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
in_block.len = (unsigned int)strlen(md5_buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:332:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.len = (unsigned int)strlen(text_to_sign);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:352:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(md5_buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:404:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
retval = md5_block((const unsigned char*)text, (int)strlen(text), md5_buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt.cpp:406:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(md5_buf);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/crypt_prog.cpp:249:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
in.len = strlen((char*)in.data);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:629:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(symstore)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:795:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) write(fileno(stderr),"Stack trace (",strlen("Stack trace ("));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:804:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) write(fileno(stderr),p+1,strlen(p+1));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:805:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) write(fileno(stderr)," frames):",strlen(" frames):"));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics.cpp:877:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(fileno(stderr),line, strlen(line));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/diagnostics_win.cpp:1545:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t boinc_install_dir_len = strlen(diagnostics_get_boinc_install_dir());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:834:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
mode_t old_mask = umask(0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:836:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
umask(old_mask); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:873:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filepath) + strlen(dirpath) > MAXPATHLEN-1) return ERR_BUFFER_OVERFLOW; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:873:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filepath) + strlen(dirpath) > MAXPATHLEN-1) return ERR_BUFFER_OVERFLOW; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:969:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(relname)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:970:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(path, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/filesys.cpp:1032:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dir, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:256:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
socklen_t len = offsetof(sockaddr_un, sun_path) + strlen(GUI_RPC_FILE); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:294:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((const unsigned char*)buf, (int)strlen(buf), nonce_hash); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:445:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen("data_dir="); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client.cpp:486:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf2, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_ops.cpp:973:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(result->platform)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_print.cpp:121:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(plan_class)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/gui_rpc_client_print.cpp:165:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
printf(" resources: %s\n", strlen(resources)?resources:"1 CPU"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.cpp:240:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(product_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.cpp:247:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(mac_address)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/hostinfo.cpp:253:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(virtualbox_version)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:80:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = (int)strlen(buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:89:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf+len, buf2, n+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:135:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = (int)strlen(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/mfile.cpp:143:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(buf+len, p, n+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:86:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t cursize = strlen(wbuf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.cpp:142:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = (int)strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/miofile.h:69:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return fgetc(f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:270:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = (int)strlen(s1) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:331:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(platform_vendor)) return ERR_XML_PARSE; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/opencl_boinc.cpp:349:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = (int)strlen(s1) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:123:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(dest, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:151:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* new_p = (char*)realloc(p, strlen(p) + strlen(buf)+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:151:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* new_p = (char*)realloc(p, strlen(p) + strlen(buf)+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:202:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t end_tag_len = strlen(end_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:207:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(in); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:231:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(start); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:244:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = strstr(p+strlen(start), end); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:246:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strcpy_overlap(p, q+strlen(end)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:257:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = (int)strlen(substr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:275:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t venue_close_tag_len = strlen("</venue>"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:281:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:289:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(out, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:296:16: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(out, q, p-q); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:330:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:361:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p += strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:369:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:439:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (unsigned int i = 0; i < 4 || i < strlen(in); i++) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:501:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(parsed_tag, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:517:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 32) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:546:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(parsed_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:582:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:604:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:658:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (end != buf+strlen(buf)) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:693:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (end != buf+strlen(buf)) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:728:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (end != buf+strlen(buf)) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:763:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (end != buf+strlen(buf)) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:798:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (end != buf+strlen(buf)) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:818:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tag, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:832:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (end != buf+strlen(buf)) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.cpp:905:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(parsed_tag); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.h:102:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(parsed_tag) > TAG_BUF_LEN-10) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.h:300:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, s, sizeof(buf)-1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.h:322:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int y = strtol(p+strlen(tag), 0, 0); // this parses 0xabcd correctly data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/parse.h:335:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). y = strtod(p+strlen(tag), NULL); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/procinfo_mac.cpp:108:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(fd); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:30:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(http_server_name)) present = true; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:31:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(socks_server_name)) present = true; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:55:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(http_server_name)) use_http_proxy = true; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:56:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(socks_server_name)) use_socks_proxy = true; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:57:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(http_user_name)) use_http_auth = true; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/proxy_info.cpp:98:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(autodetect_server_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:56:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(error_msg, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:57:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(type, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:58:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(file, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/remote_submit.cpp:59:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(line, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:504:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( p = tt + strlen( tt ) - 1; p >= tt; -- p ) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:560:68: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!diagnostics_is_flag_set(BOINC_DIAG_BOINCAPPLICATION) || (0 < strlen(pszSymbolStore))) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:569:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (diagnostics_is_flag_set(BOINC_DIAG_BOINCAPPLICATION) && (0 < strlen(pszSymbolStore))) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:911:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(szMsgSymFromAddr) || strlen(szMsgSymGetLineFromAddr) || strlen(szMsgSymGetModuleInfo)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:911:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(szMsgSymFromAddr) || strlen(szMsgSymGetLineFromAddr) || strlen(szMsgSymGetModuleInfo)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/stackwalker_win.cpp:911:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(szMsgSymFromAddr) || strlen(szMsgSymGetLineFromAddr) || strlen(szMsgSymGetModuleInfo)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:56:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t ret = strlen(src); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:70:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t dst_len = strlen(dst); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:71:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t src_len = strlen(src); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:761:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int needle_len = (int)strlen(needle); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:762:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int target_len = (int)strlen(target); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:783:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(str); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:799:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = (int)strlen(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:810:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(boinc, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:811:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(vbox, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:812:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(coprocs, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.cpp:848:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.h:56:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int m = (int)strlen(s), n = (int)strlen(suffix); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.h:56:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int m = (int)strlen(s), n = (int)strlen(suffix); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/str_util.h:66:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (strncmp(s, prefix, strlen(prefix)) == 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:68:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf=(char *)malloc(strlen(name)+strlen(value)+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:68:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf=(char *)malloc(strlen(name)+strlen(value)+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:75:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf)<(strlen(name)+strlen(value)+1)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:75:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)<(strlen(name)+strlen(value)+1)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:75:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)<(strlen(name)+strlen(value)+1)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:84:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf=(char *)realloc(buf,strlen(name)+strlen(value)+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:84:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf=(char *)realloc(buf,strlen(name)+strlen(value)+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:93:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf=(char *)malloc(strlen(name)+strlen(value)+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/unix_util.cpp:93:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf=(char *)malloc(strlen(name)+strlen(value)+2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:186:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
in = temp + strlen("://"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:224:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:245:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strcmp(url1+strlen("http://"), url2+strlen("https://"))) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:245:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strcmp(url1+strlen("http://"), url2+strlen("https://"))) return false; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:275:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = p+strlen(bSSL ? "https://" : "http://"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:283:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/url.cpp:290:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char& last = out[strlen(out)-1]; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/lib/util.cpp:133:13: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). 
Use nanosleep(2) or setitimer(2) instead. usleep((int)fmod(seconds*1000000, 1000000)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:132:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ext, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:760:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(response_prefix, p+strlen("RESPONSE_PREFIX "), sizeof(response_prefix)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:845:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). char c = fgetc(stdin); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:876:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(project_url)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:880:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(authenticator)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/condor/boinc_gahp.cpp:894:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(response_prefix, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2.cpp:248:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(infile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/uc2_graphics.cpp:249:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ttf_load_fonts(strlen(uc_aid.project_dir)?uc_aid.project_dir:"."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/example_app/ucn.cpp:74:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). char c = fgetc(infile); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browserctrl_win.cpp:221:13: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (wcslen(fileUrl)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/browsermain_win.cpp:162:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(szDebuggingInfo, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:831:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, inet_ntoa(sa.sin.sin_addr), len); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:837:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  snprintf(buf + strlen(buf), len - (strlen(buf) + 1), "%s%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:837:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(buf + strlen(buf), len - (strlen(buf) + 1), "%s%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1257:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define read(x, y, z) _read((x), (y), (z))
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1570:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buf, path, sizeof(buf));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1574:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf + strlen(buf) - 1;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1628:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  list = val->ptr + strlen(val->ptr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1952:41: [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  WideCharToMultiByte(CP_UTF8, 0, buf2, wcslen(buf2) + 1, abs_path, len, 0, 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:1986:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (p = interp + strlen(interp) - 1;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2049:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(1, buf, strlen(buf), 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2147:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (int) (strlen(ri->uri) - strlen(conn->path_info)), ri->uri);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2147:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (int) (strlen(ri->uri) - strlen(conn->path_info)), ri->uri);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2299:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *copy = (char *) NS_MALLOC(strlen(str) + 1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2439:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = (int) strlen(ri->uri);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2505:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int) strlen(str + j);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2542:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen(kw) == i - (pos + 2) &&
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2561:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return mg_match_prefix(pw_pattern, strlen(pw_pattern), path) > 0 ||
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2562:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (pattern != NULL && mg_match_prefix(pattern, strlen(pattern), path) > 0);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2573:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t cgi_pat_len = strlen(cgi_pat);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2578:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int match_len, root_len = root == NULL ? 0 : strlen(root);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2583:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int domain_len = colon == NULL ? (int) strlen(domain) : colon - domain;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2612:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (p = buf + strlen(root) + 2; *p != '\0'; p++) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2880:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  SHA1Update(&sha_ctx, (unsigned char *) buf, strlen(buf));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:2889:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mg_write(conn, buf, strlen(buf));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3050:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path_len = strlen(path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3092:9: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (((sscanf(datetime, "%d/%3s/%d %d:%d:%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3094:9: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  (sscanf(datetime, "%d %3s %d %d:%d:%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3096:9: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120).
  Check that the limit is sufficiently small, or use a different input function.
  (sscanf(datetime, "%*3s, %d %3s %d %d:%d:%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3098:9: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  (sscanf(datetime, "%d-%3s-%d %d:%d:%d",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3119:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path_len = strlen(path);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3134:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vec->len = strlen(vec->ptr);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3165:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen(path), found = 0;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3184:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(path + n + 1, filename_vec.ptr, filename_vec.len);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3469:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mg_url_encode(de->file_name, strlen(de->file_name), href, sizeof(href));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:3594:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mg_url_encode(de->file_name, strlen(de->file_name), buf, sizeof(buf));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4009:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  MD5Update(&ctx, (const unsigned char *) p, (unsigned) strlen(p));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4109:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int ch = ' ', ch1 = ',', len = 0, n = strlen(var_name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4142:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return parse_header(s, s == NULL ? 0 : strlen(s), var_name, buf, buf_size);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4179:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mg_snprintf(path + strlen(path), sizeof(path) - strlen(path), "%s",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4179:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mg_snprintf(path + strlen(path), sizeof(path) - strlen(path), "%s",
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4191:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (mg_match_prefix(opts[SSI_PATTERN], strlen(opts[SSI_PATTERN]),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4228:16: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc(fp)) != EOF) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4430:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  conn->mg_conn.uri[strlen(conn->mg_conn.uri) - 1] != '/') {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4445:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (mg_match_prefix(cgi_pat, strlen(cgi_pat), path) > 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4453:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(conn->server->config_options[SSI_PATTERN]),
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4829:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read(conn->endpoint.fd, buf, conn->cl < (int64_t) sizeof(buf) ?
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4883:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_len = strlen(name);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/mongoose.cpp:4921:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(conn->query_string), name, dst, dst_len);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/gfx_html/webboincpng.cpp:120:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  image = r_base64_decode(boinc_png, strlen(boinc_png));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:96:9: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  getchar();
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:246:5: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  getchar();
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:334:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c=fgetc(infile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/nvcuda/cuda.cpp:345:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c=fgetc(infile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:82:9: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  getchar();
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:256:9: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  getchar();
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:340:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c=fgetc(infile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:351:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c=fgetc(infile);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:437:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(infile)!=EOF) count++;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:440:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c=fgetc(infile))!=EOF) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/openclapp/openclapp.cpp:518:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t sourceSize[] = { strlen(source) };
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/floppyio.cpp:310:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  this->fIO->read(dataToReceive, this->szInput);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/floppyio.cpp:345:20: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  this->fIO->read(&cStatusByte, 1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:995:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cmdline, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_common.cpp:999:13: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmdline, " ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2660:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cmdline, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_mscom_impl.cpp:2664:13: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmdline, " ");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1754:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ga_start += strlen("Default Guest Additions ISO:");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/vboxwrapper/vbox_vboxmanage.cpp:1799:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if_start += strlen("Name:");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regerror.c:83:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buffer, convbuf, bufsize-1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_int.h:56:17: [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define cstrlen wcslen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_int.h:60:18: [1] (buffer) wcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  #define cstrncpy wcsncpy
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_int.h:78:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define cstrlen strlen
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/regexp_int.h:82:18: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  #define cstrncpy strncpy
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:226:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(p, it->c_str(), it->length());
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:227:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int)strlen(p);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:251:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t s1_len = strlen(s1);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:279:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char* pd = strlen(aid.project_dir)?aid.project_dir:".";
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:687:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen("$PROJECT_DIR");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:709:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t boinc_resolve_prefix_len = strlen("boinc_resolve(");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrapper/wrapper.cpp:715:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (lbuf, command_line.c_str(), sizeof(lbuf));
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:193:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen("$PROJECT_DIR");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/samples/wrappture/wrappture.cpp:450:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fraction_done = atof(buf+strlen(PROGRESS_MARKER))/100;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:141:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(path, "/");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/antique_file_deleter.cpp:199:13: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(antique_usleep);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:94:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(mod_clause, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:218:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(app.name, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/assimilator.cpp:282:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(app.name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:152:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(filename, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:157:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(filename)) return ERR_XML_PARSE;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:189:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(output_dir, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:190:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(final_output_dir, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:191:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(archive_dir, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:194:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(output_dir)) return ERR_XML_PARSE;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:195:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(final_output_dir)) return ERR_XML_PARSE;
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:497:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(boinc)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:503:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(vbox)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:509:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(coprocs)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:580:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  md5_block((unsigned char*)buf, strlen(buf), cpid);
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:599:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (config.user_country && strlen(user.country)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:605:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (config.user_url && strlen(user.url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:730:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(team.url)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:737:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(team.name_html)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:745:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(team.description)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1176:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(spec_filename, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1225:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(spec_filename)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_dump.cpp:1330:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(spec.archive_dir)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:649:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(app_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/db_purge.cpp:899:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(app_name)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/delete_file.cpp:63:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(file_name, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/delete_file.cpp:95:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(file_name) || host_id == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:779:13: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(mod_select_clause, ")");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/feeder.cpp:927:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (using_hr && strlen(order_clause)) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:332:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(clause, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_deleter.cpp:396:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(clause, "'");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:318:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(name, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:319:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(xml_signature, "");
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:350:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:357:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(xml_signature) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/file_upload_handler.cpp:407:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) == 0) {
data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:66:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(file_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/get_file.cpp:102:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(file_name) || host_id == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:95:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(req_host.domain_name) && strlen(req_host.last_ip_addr) && strlen(req_host.os_name) && strlen(req_host.p_model)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:95:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(req_host.domain_name) && strlen(req_host.last_ip_addr) && strlen(req_host.os_name) && strlen(req_host.p_model)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:95:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(req_host.domain_name) && strlen(req_host.last_ip_addr) && strlen(req_host.os_name) && strlen(req_host.p_model)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:95:102: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(req_host.domain_name) && strlen(req_host.last_ip_addr) && strlen(req_host.os_name) && strlen(req_host.p_model)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:187:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
md5_block((const unsigned char*)buf, strlen(buf), buf2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:404:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(g_request->host.host_cpid)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:499:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(g_reply->user.email_addr), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:505:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!g_request->using_weak_auth && strlen(g_request->cross_project_id)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:541:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(g_request->client_brand)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:542:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, "|"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:545:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(buf, "]"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:549:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(g_request->host.virtualbox_version)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:592:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(g_request->host.host_cpid)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:615:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(host.host_cpid)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:617:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((const unsigned char*)buf, strlen(buf), host.host_cpid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:754:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bool have_working_prefs = (strlen(g_request->working_global_prefs_xml)>0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:755:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
bool have_master_prefs = (strlen(g_request->global_prefs_xml)>0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:757:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bool have_db_prefs = (strlen(g_reply->user.global_prefs)>0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:882:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(g_request->code_sign_key)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1286:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.sched_lockfile_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/handle_request.cpp:1537:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.sched_lockfile_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/make_work.cpp:103:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(file_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:66:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen("(Android "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:250:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf2, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:422:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(sreq.host.virtualbox_version) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:501:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (have_project_prefs_regex && strlen(project_prefs_tag)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:530:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gpu_utilization_tag)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:741:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strlen(gpu_type)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:803:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(gpu_type)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1165:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1166:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(gpu_type, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1185:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(project_prefs_tag, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/plan_class_spec.cpp:1208:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(gpu_utilization_tag, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:64:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(file_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:65:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(md5, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:94:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(file_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/put_file.cpp:128:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (nbytes == -1 || !strlen(md5)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sample_bitwise_validator.cpp:99:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(md5_buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:115:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(replica_db_host)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:118:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(replica_db_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:121:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(replica_db_user)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:124:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(replica_db_passwd)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:366:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (dir && strlen(dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:423:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(project_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:432:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(project_dir, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:443:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsnprintf(path + strlen(path), sizeof(path) - strlen(path), fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_config.cpp:443:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsnprintf(path + strlen(path), sizeof(path) - strlen(path), fmt, ap); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:717:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char *p=plan_class+strlen(plan_class); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_customize.cpp:849:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(sreq.host.virtualbox_version) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_files.cpp:51:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf)) continue; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_limit.cpp:89:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jl.app_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1256:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( strlen(fi.name) == 16 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1261:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( strlen(fi.name) == 21 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1266:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( strlen(fi.name) == 19 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_locality.cpp:1282:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ( strlen(fi.name) == 15 && data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:416:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
} else if (strlen(argv[i])){ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_main.cpp:553:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.debug_req_reply_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_result.cpp:413:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(srip->stderr_out, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:517:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buffer) + strlen(text) >= BLOB_SIZE-1) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:517:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buffer) + strlen(text) >= BLOB_SIZE-1) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:520:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)strlen(buffer), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:521:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)strlen(text) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:532:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p += strlen(after); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:587:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.replace_download_url_by_timezone)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:628:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.replace_download_url_by_timezone)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:685:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(where_clause, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:697:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(where_clause)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:703:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retval = dbwu.update_field(buf, strlen(where_clause)?where_clause:NULL); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:842:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1170:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1173:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_send.cpp:1511:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:87:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). std::string sa = md5_string((const unsigned char *)longname, strlen((const char *)longname)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:89:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). std::string sb = md5_string((const unsigned char *)longname, strlen((const char *)longname)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:196:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlen(serverlist[i].name) && (config.max_download_urls_per_file ?(i < config.max_download_urls_per_file) :true); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:215:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int total_free = BLOB_SIZE - strlen(old_xml); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:238:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). r += strlen("</url>"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_timezone.cpp:260:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s += strlen(config.replace_download_url_by_timezone); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:55:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i, n=strlen(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:120:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(name)) return ERR_XML_PARSE; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:132:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:153:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:164:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:245:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(authenticator, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:246:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cross_project_id, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:263:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(global_prefs_xml, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:264:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(working_global_prefs_xml, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:265:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(code_sign_key, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:267:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(client_brand, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:269:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(global_prefs_source_email_hash, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:289:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(authenticator, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:290:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(platform.name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:291:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cross_project_id, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:292:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(client_brand, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:306:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(global_prefs_xml, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:307:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(working_global_prefs_xml, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:308:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(code_sign_key, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:525:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(ir.name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:717:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(variety, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:734:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(code_sign_key, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:735:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(code_sign_key_signature, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:742:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(email_hash, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:774:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.master_url)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:873:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(config.symstore)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:895:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(email_hash)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:901:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(user.cross_project_id)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:905:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((unsigned char*)buf, strlen(buf), external_cpid); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1008:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(code_sign_key)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1014:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(code_sign_key_signature)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1193:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(plan_class)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1202:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(bavp->host_usage.cmdline)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1231:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(bavp->host_usage.custom_coproc_type)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1543:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1552:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(teamid, "0"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1585:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((unsigned char*)buf2, strlen(buf2), out); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.cpp:1592:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). md5_block((unsigned char*)buf2, strlen(buf2), out); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:91:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmdline, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:92:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(custom_coproc_type, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_types.h:103:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmdline, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:133:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dirpath, path, (int)(p-path)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:135:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dirpath, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:156:23: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode_t old_mask = umask(0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:160:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_util_basic.cpp:167:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). std::string s = md5_string((const unsigned char*)filename, strlen(filename)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:540:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(avp->plan_class)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/sched_version.cpp:764:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(av.plan_class)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_assimilator.cpp:105:21: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:127:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:173:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/script_validator.cpp:178:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/single_job_assimilator.cpp:93:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
safe_strcpy(job_dir, buf+strlen("<job_dir>")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/trickle_deadline.cpp:92:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(task_name) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:159:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(p_out, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:167:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(file_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/sched/validate_util.cpp:168:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(open_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_str_util.cpp:393:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:130:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. 
strncpy(url, "https://secure.example.com", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:135:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "https://money.example.com/Dollar$", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:140:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "nothing@ should %", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:176:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "http://www.example.com/", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:180:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "https://www.example.com/", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:184:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "hxxp://www.example.com/", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:188:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. 
strncpy(url, "http://www.example.com", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:192:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "http://example/", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:201:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "https://secure.example.com", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tests/unit-tests/lib/test_url.cpp:206:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(url, "https://secure.example.com/Dollar$", sizeof (url)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:102:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(result.xml_doc_out, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:103:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(result.stderr_out, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:190:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(result_template) > sizeof(result.xml_doc_in)-1) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:193:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)strlen(result_template), (int)sizeof(result.xml_doc_in)-1 data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:315:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(result_template_filename) > sizeof(wu.result_template_file)-1) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/backend_lib.cpp:318:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)strlen(result_template_filename), data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:140:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(wu_template_file, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:141:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(result_template_file, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:246:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(app.name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:247:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(db_passwd, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:367:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(app.name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:370:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd.wu.name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:373:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd.wu_template_file)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:376:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd.result_template_file)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:431:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(jd.wu_template_file, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:444:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(jd2.wu.name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:448:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd2.wu.name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:451:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(jd2.wu_template_file)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:454:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd2.wu_template)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:469:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(jd2.wu.name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:472:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd2.wu.name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:485:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(jd2.wu_template_file)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:488:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(jd2.wu_template)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/create_work.cpp:519:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = strlen(value_buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:87:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = fgetc(fp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:183:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(physical_name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:213:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(physical_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:224:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(physical_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:366:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(gzipped_url, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:386:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(physical_name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_input_template.cpp:425:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (additional_xml && strlen(additional_xml)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:56:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q1 += strlen("<file_info>\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:101:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q += strlen("</xml_signature>\n"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:129:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = p+strlen(OUTFILE_MACRO); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:143:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(temp, p+strlen(UPLOAD_URL_MACRO)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/tools/process_result_template.cpp:159:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
safe_strcpy(temp, result_template+strlen("<output_template>")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:58:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *p = buf + strlen("vda_"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/sched_vda.cpp:560:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* phys_file_name = r.name + strlen("upload_"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda.cpp:50:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). static int len = strlen(buf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib.h:47:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = atoi(p + strlen("BOINC|")); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:117:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(parent->name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:123:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(name, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_lib2.cpp:367:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(parent->name)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/vda/vda_policy.cpp:27:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(description, ""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:133:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(av[1])==0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:146:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(av[1])==0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:268:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(strPart[0], spattern.c_str(), iPos[iCtr]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:270:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(strPart[iCtr], spattern.c_str()+lastPos, iPos[iCtr]-lastPos); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/boinc_zip.cpp:277:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(strPart[iCtr], spattern.c_str()+lastPos, spattern.length() - lastPos); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:137:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(version->zlib_version, ZLIB_VERSION, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:280:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). intern_zip = (char *)malloc(strlen(zip)+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:285:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). intern_file = (char *)malloc(strlen(file)+1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:391:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((zip == NULL) || (strlen(zip) > ((WSIZE>>2) - 160))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:393:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((file == NULL) || (strlen(file) > ((WSIZE>>2) - 160))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:581:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). patternLen = strlen(pattern); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:590:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(sz, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:592:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(sz, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:597:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(sz); i++) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/api.c:656:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(archive) >= FILNAMSIZ) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/apihelp.c:103:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (doc->compare && STRNICMP(doc->compare,slide,strlen(fname))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:304:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((c = getc(source)) == EOF) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:356:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((c1 = getc(source)) == EOF) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:394:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((c1 = getc(source)) == EOF) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:479:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((GLOBAL(key) = (char *)malloc(strlen(passwrd)+1)) == data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:542:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((key_translated = malloc(strlen(GLOBAL(key)) + 1)) == (char *)NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.c:555:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((key_translated = malloc(strlen(GLOBAL(key)) + 1)) == (char *)NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.h:157:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (encrypted? update_keys(__G__ getc(G.in)^decrypt_byte(__G)) : getc(G.in)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/crypt.h:157:66: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (encrypted? update_keys(__G__ getc(G.in)^decrypt_byte(__G)) : getc(G.in)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:615:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(G.zipfd, (char *)G.inbuf, INBUFSIZ); /* been here before... */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:972:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((G.pInfo->cfilname = zfmalloc(strlen(G.filename) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:1113:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((G.incnt = read(G.zipfd, (char *)G.inbuf, INBUFSIZ)) <= 0) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:1451:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int cndx = strlen(G.filename) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:1505:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnlen = strlen(G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/extract.c:1538:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnlen = strlen(G.answerbuf); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:308:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). blen = strlen(BackupSuffix); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:309:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). flen = strlen(G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:405:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tfilnam = (char *)malloc(2*strlen(G.filename)+1)) == (char *)NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:455:28: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). 
mode_t umask_sav = umask(0077); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:466:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(umask_sav); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:584:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd, (char *)G.inbuf, INBUFSIZ)) == 0) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:590:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (ulg)strlen(LoadFarString(ReadError)), 0x401); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:627:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd, (char *)G.inbuf, INBUFSIZ)) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:633:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (ulg)strlen(LoadFarString(ReadError)), 0x401); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:680:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (G.incnt = read(G.zipfd, (char *)G.inbuf, INBUFSIZ)) <= 0) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:760:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd, (char *)G.inbuf, INBUFSIZ)) <= 0) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2064:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
eol = G.autorun_command + strlen(G.autorun_command) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2223:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.filename, G.filename_full, length); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2310:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (G.unipath_filename && strlen(G.unipath_filename) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2323:19: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.filename, G.unipath_filename, FILNAMSIZ - 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2325:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(G.unipath_filename) >= FILNAMSIZ) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2344:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fn) >= FILNAMSIZ) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2391:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!(G.filenotes[G.filenote_slot] = malloc(strlen(tmp_fnote)+1))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2511:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(fmt, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/fileio.c:2522:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fmt, "d"); /* Default radix = decimal. */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/inflate.c:304:20: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define NEXTBYTE getchar() data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:537:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extent fn_len = strlen(G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/list.c:730:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (*G.message)((zvoid *)&G, (uch *)name, (ulg)strlen(name), 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:132:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int j = strlen(pattern); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:238:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
srest = s + (strlen((ZCONST char *)s) - strlen((ZCONST char *)p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/match.c:238:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srest = s + (strlen((ZCONST char *)s) - strlen((ZCONST char *)p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:347:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len=strlen(G.argv0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:457:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(lastzipfn + strlen(lastzipfn), ZSUFX); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1099:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). siz = read(fh, waste, 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1140:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd, (char *)G.inbuf, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1176:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd,(char *)G.inbuf,INBUFSIZ)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1251:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd, (char *)byterecL, ECLOC64_SIZE+4)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1318:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((G.incnt = read(G.zipfd, (char *)byterec, ECREC64_SIZE+4)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1343:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd, (char *)byterec, ECREC64_SIZE+4)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:1464:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((G.incnt = read(G.zipfd,(char *)G.inbuf,(unsigned int)G.ziplen)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2010:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(G.filename_full)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2036:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.unipath_filename, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2251:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(utf8buf + count, mb, c); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2362:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(e, "#"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2366:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(e, "U"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2368:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(e, "L"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2374:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((r = malloc(strlen(e) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2399:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2477:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, b); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2486:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, b); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2495:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((local_string = (char *)malloc(strlen(buffer) + 1)) != NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2515:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((display_string = (char *)malloc(strlen(local_string) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2525:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ebc = malloc(strlen(display_string) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2559:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wsize = mbstowcs(NULL, local_string, strlen(local_string) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/process.c:2569:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:467:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(f, &c, 1); /* read our character */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:501:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(f, &c, 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:504:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read(f, &c2, 1); /* throw away all other chars up thru newline */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:635:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(f, &c, 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.c:688:28: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((c = (char)getc(f)) == '\r') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/ttyio.h:147:19: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define getch() getchar() /* not correct, but may not be on a console */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:209:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.matchname, wildspec, FILNAMSIZ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:228:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.matchname, wildspec, FILNAMSIZ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:232:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.dirname, wildspec, G.dirnamelen); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:265:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.matchname, wildspec, FILNAMSIZ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:459:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
extent fnlen = strlen(G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:483:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask( (int)(tmp=umask(0)) ); /* apply mask to expanded r/w(/x) perms */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:483:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask( (int)(tmp=umask(0)) ); /* apply mask to expanded r/w(/x) perms */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:634:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (G.filename[strlen(G.filename) - 1] == '/') { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:706:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(pathcomp+strlen(pathcomp), ",%03x", (int)(ft>>8) & 0xFFF); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:909:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((G.buildpath = (char *)malloc(strlen(G.filename)+G.rootlen+ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:912:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((G.buildpath = (char *)malloc(strlen(G.filename)+G.rootlen+1)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:944:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((G.rootlen = strlen(pathcomp)) > 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1137:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ucsize + strlen(G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1330:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). d_entry = (uxdirattr *)malloc(sizeof(uxdirattr) + strlen(G.filename)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1460:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(__VERSION__) > 8)? "(gcc)" : data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1715:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (*G.message)((zvoid *)&G, slide, (ulg)strlen((char *)slide), 0); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1818:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(extra->longid, LONGID, strlen(LONGID))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unix/unix.c:1835:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(jbp->longid, JBLONGID, strlen(JBLONGID))) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:938:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((sz[0] != 'F') || (strlen(sz) != 16)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:946:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((sz[0] != '8') || (strlen(sz) != 16)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:1034:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (p = argv[0] + strlen(argv[0]); p >= argv[0]; --p) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:1079:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(argv[i]) > ((WSIZE>>2) - 160)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzip.c:1359:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s += strlen(s); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:442:11: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). # define umask(n) /* don't have umask() on MTS */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:537:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). extern int open(), close(), read(); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2686:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
# define read(fd,buf,n) fread((buf),1,(n),(FILE *)(fd)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2712:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (ulg)(sprintf sprf_arg, strlen((char *)(buf))), (flag)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/unzpriv.h:2777:21: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define NEXTBYTE getc(G.in) /* redefined in crypt.h if full version */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:225:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extent len = strlen(n); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:230:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (p = malloc(strlen(n) + 5)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1062:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(G.filename) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1201:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen(G.filename)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1243:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ansi_name = (char *)alloca(strlen(d->fn) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1342:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(fname) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1415:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(name) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1440:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.lastRootPath, tmp0, 2); /* Build the root path name, */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1510:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.matchname, wildspec, FILNAMSIZ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1530:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.matchname, wildspec, FILNAMSIZ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1534:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.dirname, wildspec, G.dirnamelen); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1551:21: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(fnamestart, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1557:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnamestart = plastchar(fnamestart, strlen(fnamestart)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1572:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(G.matchname, wildspec, FILNAMSIZ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1599:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fnamestart, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1603:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnamestart = plastchar(fnamestart, strlen(fnamestart)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1684:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). G.fnlen = strlen(G.filename); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1814:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
char *ansi_name = (char *)alloca(strlen(G.filename) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1885:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(pathcomp+strlen(pathcomp), ",%03x", (int)(ft>>8) & 0xFFF); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1903:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(G.filename) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:1976:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(pathcomp) + 1; i > 0; --i) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2411:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((G.rootlen = strlen(pathcomp)) > 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2726:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_path = (char *)alloca(strlen(path) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:2792:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
char *ansi_path = (char *)alloca(strlen(path) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3003:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3012:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, bytes_char); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/win32/win32.c:3021:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((local_string = (char *)realloc(buffer, strlen(buffer) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1557:37: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(q+2, data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1585:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(types); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/unzip/zipinfo.c:1594:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(types); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/crypt.h:157:34: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (encrypted? 
update_keys(__G__ getc(G.in)^decrypt_byte(__G)) : getc(G.in)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/crypt.h:157:66: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (encrypted? update_keys(__G__ getc(G.in)^decrypt_byte(__G)) : getc(G.in)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/tailor.h:360:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define lastchar(ptr) ((*(ptr)=='\0') ? '\0' : ptr[strlen(ptr)-1]) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/ttyio.h:149:19: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define getch() getchar() /* not correct, but may not be on a console */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:164:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc(strlen(n)+2)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:170:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a = p + strlen(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:172:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(a, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:184:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:184:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:266:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((n = malloc(strlen(t) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:292:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((x = malloc(strlen(n) + 1 + PAD)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:347:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:573:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(z->name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/z_unix.c:701:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(d); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/unix/zipup.h:21:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
#define zread(f,b,n) read(f,b,n) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:196:22: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). swrest = sw + (wcslen(sw) - wcslen(pw)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:196:35: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). swrest = sw + (wcslen(sw) - wcslen(pw)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:363:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srest = s + (strlen(s) - strlen(p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:363:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srest = s + (strlen(s) - strlen(p)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:514:34: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((sw1 = (wchar_t *)malloc((wcslen(sw) + 2) * sizeof(wchar_t))) != NULL)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:517:5: [1] (buffer) wcscat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Risk is low because the source is a constant character. wcscat(sw1, L"."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:545:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
((s1 = malloc(strlen(s) + 2)) != NULL)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:548:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(s1, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:832:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufptr = malloc(1 + strlen(envptr)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1124:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( fmt, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1135:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( fmt, "d"); /* Default radix = decimal. */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1173:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat( fmt, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1184:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat( fmt, "u"); /* Default radix = decimal. */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/util.c:1241:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(numstring) > 8) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:86:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(root, dir, 3); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:128:5: [1] (buffer) wcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). wcsncpy(root, dir, 3); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:163:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(name) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:191:44: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wchar_t *ansi_namew = (wchar_t *)alloca((wcslen(namew) + 1) * sizeof(wchar_t)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:235:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(name) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:264:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
char *ansi_path = (char *)alloca(strlen(path) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:277:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rootPathName, tmp0, 3); /* Build the root path name, */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:301:45: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wchar_t *ansi_path = (wchar_t *)alloca((wcslen(path) + 1) * sizeof(wchar_t)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:314:5: [1] (buffer) wcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). wcsncpy(rootPathName, tmp0, 3); /* Build the root path name, */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:544:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(name) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:668:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_name = (char *)alloca(strlen(x) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:808:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
char *ansi_path = (char *)alloca(strlen(path) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:869:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_path = (char *)alloca(strlen(path) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:916:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_path = (char *)alloca(strlen(pathw) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:977:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *ansi_path = (char *)alloca(strlen(pathw) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1385:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1394:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, bytes_char); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32_boinc.c:1408:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((local_string = (char *)realloc(buffer, strlen(buffer) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:120:31: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((pw = (wchar_t *)malloc(wcslen(nw) * sizeof(wchar_t) + data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:127:13: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). qw = pw + wcslen(pw); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:133:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(wild_match_all); i++) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:162:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (p = malloc(strlen(n) + (2 + sizeof(wild_match_all)))) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:167:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = p + strlen(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:348:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = fp + strlen(fp) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:389:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (f = fp + strlen(fp); f != fp; f--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:398:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nr = strlen(fp) - (f - fp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:409:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((q = malloc(strlen(f) + 2)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:413:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *n = q + (strlen(q) - nr + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:415:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(q, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:593:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((r = realloc(r, strlen(r) + strlen(q) + 3)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:593:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((r = realloc(r, strlen(r) + strlen(q) + 3)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:598:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(r, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:607:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(r, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:788:27: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = wildtail + wcslen(wildtail) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:807:18: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = wcslen(whole) + wcslen(subwild) + (ONENAMELEN + 2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:807:34: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = wcslen(whole) + wcslen(subwild) + (ONENAMELEN + 2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:809:18: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = wcslen(whole) + (ONENAMELEN + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:817:14: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
newlen = wcslen(newwhole); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:830:35: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = newwhole + wcslen(newwhole); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:878:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = wildtail + strlen(wildtail) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:897:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:897:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = strlen(whole) + strlen(subwild) + (ONENAMELEN + 2); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:899:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = strlen(whole) + (ONENAMELEN + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:907:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = strlen(newwhole); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:920:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
name = newwhole + strlen(newwhole); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1007:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc(strlen(w) + 2)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1030:11: [1] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. Risk is low because the source is a constant character. wcscpy(qw, L"."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1042:11: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(q, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1055:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(q, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1186:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = (char *) malloc(strlen(n)+2)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1192:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
a = p + strlen(p); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1194:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(a, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1206:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1206:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1327:30: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pw = (wchar_t *)malloc( (wcslen(nw)+2) * sizeof(wchar_t) ); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1334:17: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). aw = pw + wcslen(pw); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1335:14: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pw[wcslen(pw) - 1] != (wchar_t)'/') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1336:9: [1] (buffer) wcscpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using a function version that stops copying at the end of the buffer. Risk is low because the source is a constant character. wcscpy(aw, L"/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1348:29: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((aw = malloc((wcslen(pw) + wcslen(ew) + 1) * sizeof(wchar_t))) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1348:42: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((aw = malloc((wcslen(pw) + wcslen(ew) + 1) * sizeof(wchar_t))) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1451:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((n = malloc(strlen(t) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1520:21: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((nw = malloc((wcslen(tw) + 1) * sizeof(wchar_t))) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1545:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((x = malloc(strlen(n) + 1 + PAD)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1562:21: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((xw = malloc((wcslen(nw) + 1 + PAD) * sizeof(wchar_t))) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1619:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int len = strlen(f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/win32zip.c:1701:22: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int len = wcslen(fw); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/win32/zipup.h:45:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define zread(f,b,n) read(f,b,n) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:116:15: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((c = getc(fp)) == '\n' || c == '\r') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:124:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:140:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc(strlen(name) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:685:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((z->name = malloc(strlen(name) + 1 + PAD)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:714:40: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->namew = (wchar_t *)malloc((wcslen(namew) + 1) * sizeof(wchar_t))) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:780:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (f->name = malloc(strlen(name) + 1 + PAD)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:804:40: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((f->namew = (wchar_t *)malloc((wcslen(namew) + 1) * sizeof(wchar_t))) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:936:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((oname = malloc(strlen(zname) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:954:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->name = malloc(strlen(name) + 1 + PAD)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1030:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
(f->name = malloc(strlen(name) + 1 + PAD)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1335:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((t = malloc(strlen(tempath) + L_tmpnam + 2)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1351:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l1 = strlen(t); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1358:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l2 = strlen(tempath); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1402:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(tptr, zip, _min(FILENAME_MAX, (zptr - zip)) ); /* temp subvol */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1403:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(t, zip, _min(NAMELEN, ((zptr - zip) + 1)) ); /* temp stem */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1406:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ptr = t + strlen(t); /* point to end of stem */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1440:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((t = malloc(strlen(tempath) + 12)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1449:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(t, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1457:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(t, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1462:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(t, "."); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1467:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(t, "_"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1470:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(t, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1485:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *p = t + strlen(t); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1859:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_path = malloc(strlen(in_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:1906:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_path = malloc(strlen(in_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2049:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_dir = malloc(strlen(in_path) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2055:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(split_dir) - 1; i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2066:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((archive_name = malloc(strlen(in_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2069:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(in_path) == strlen(split_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2069:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(in_path) == strlen(split_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2072:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(archive_name, in_path + strlen(split_dir)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2076:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_name = malloc(strlen(split_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2079:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(in_path) == strlen(split_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2079:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(in_path) == strlen(split_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2082:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strcpy(split_name, split_path + strlen(split_dir)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2166:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2174:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(buf); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2189:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(archive_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2191:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((in_path = malloc(strlen(archive_name) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2198:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(buf); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2207:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((in_path = malloc(strlen(buf) + strlen(archive_name) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2207:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((in_path = malloc(strlen(buf) + strlen(archive_name) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2220:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_dir = malloc(strlen(in_path) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2225:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(split_dir); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2289:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_dir = malloc(strlen(out_path) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2295:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(split_dir); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2304:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_name = malloc(strlen(out_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2307:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(out_path) == strlen(split_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2307:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(out_path) == strlen(split_dir)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2310:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(split_name, out_path + strlen(split_dir)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2332:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2340:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(buf); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2355:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(split_name); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2357:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((out_path = malloc(strlen(split_name) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2364:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = strlen(buf); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2373:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((out_path = malloc(strlen(buf) + strlen(split_name) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2373:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((out_path = malloc(strlen(buf) + strlen(split_name) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2382:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_dir = malloc(strlen(out_path) + 40)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2387:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(split_dir); i >= 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2393:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_name = malloc(strlen(out_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2396:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strcpy(split_name, out_path + strlen(split_dir)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2436:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_path = malloc(strlen(base_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2450:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). base_len = strlen(base_path) - 3; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2451:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = base_len + strlen(ext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2458:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vers_len = strlen( vers_ptr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2511:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). base_len = strlen(base_path) - 3; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2512:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = base_len + strlen(ext); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2519:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
vers_len = strlen( vers_ptr); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2695:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2700:15: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tempzip, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2705:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:2709:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = strlen(tempzip); i > 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3018:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(utf8buf + count, mb, c); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3063:15: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wchar_len = wcslen(wchar_string); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3173:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(r, "#"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3177:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(r, "U"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3180:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(r, "L"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3208:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(e); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3318:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, b); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3327:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buffer, buf, b); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3341:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((local_string = (char *)malloc(strlen(buffer) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3384:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((escape_string = (char *)malloc(strlen(buffer) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3415:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((temp_string = (char *)malloc(2 * strlen(local_string) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3446:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ebc = malloc(strlen(display_string) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3455:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((display_string = (char *)malloc(strlen(temp_string) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3505:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3799:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((new_args[j] = malloc(strlen(args[j]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:3884:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((newarg = (char *) malloc(strlen(arg) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4076:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*value, start, (int)(s - start)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4092:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(arg + (*optchar) + clen) + 1)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4101:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4118:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(arg + (*optchar) + clen) + 1)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4127:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4197:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((arg = (char *)malloc(strlen(args[argnum]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4234:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (options[op].longopt && strncmp(options[op].longopt, longopt, strlen(longopt)) == 0) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4281:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(valuestart) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4294:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(valuestart) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4302:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(args[argnum + 1]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4632:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4705:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4759:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(args[argn]) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4785:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4827:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/z_fileio.c:4883:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((*value = (char *)malloc(strlen(arg) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:474:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (a && strlen(a)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:483:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (a && strlen(a)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:489:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (a && strlen(a)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:498:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (a && strlen(a)) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1274:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(zipfile, "-"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1295:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(cmd, unzippath, 4000); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1336:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((zipnam = (char *)malloc(strlen(zipname) + 3)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1341:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(zipnam, "\""); /* accept spaces in name and path */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1343:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(zipnam, "\""); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1357:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cmd = (char *)malloc(strlen(unzip_path) + strlen(zipnam) + 3)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1357:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cmd = (char *)malloc(strlen(unzip_path) + strlen(zipnam) + 3)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1365:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1367:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1372:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1440:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cmd = malloc(strlen(unzip_path) + strlen(zipname) + 3)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1440:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cmd = malloc(strlen(unzip_path) + strlen(zipname) + 3)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1449:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1451:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, "'"); /* accept space or $ in name */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1453:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(cmd, "'"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1457:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1462:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, " "); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1464:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, "'"); /* accept space or $ in name */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1466:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, "'"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1475:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cmd = malloc(20 + strlen(zipname))) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1488:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(cmd, "'"); /* accept space or $ in name */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1490:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmd, "'"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:1655:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((name = malloc(strlen(filearg) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3130:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (argcnt == 2 && strlen(args[1]) == 2)) { /* -v only */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3361:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((in_path = malloc(strlen(zipfile) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3369:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((out_path = malloc(strlen(zipfile) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3569:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc(strlen(logfile_path) + 5)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3579:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(mode, "a"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3581:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(mode, "w"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3604:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < strlen(args[i]); j++) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3626:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int plen = strlen(out_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3631:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen -= strlen( vms_file_version( out_path)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3873:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3878:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(tempzip, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3883:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:3887:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = strlen(tempzip); i > 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4080:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((n = malloc(strlen(filelist->name) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4317:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (z->name && (z->name)[strlen(z->name) - 1] == '/') { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4560:32: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((fnw = malloc((wcslen(z->znamew) + 120) * sizeof(wchar_t))) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4564:21: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (fnw[wcslen(fnw) - 1] == '/') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4571:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((fn = malloc(strlen(z->zname) + 120)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4575:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (fn[strlen(fn) - 1] == '/') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4584:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((fn = malloc(strlen(z->zname) + 120)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4592:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (fn[strlen(fn) - 1] == '/') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4719:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(strcat(errbuf, " "), args[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4727:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(strcat(errbuf, " "), args[i]); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4820:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(tempzip, "-"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4874:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tempzip = malloc(strlen(tempath) + 12)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4879:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tempzip, "/"); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4884:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((tempzip = malloc(strlen(zipfile) + 12)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:4888:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i = strlen(tempzip); i > 0; i--) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5484:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((f->iname = malloc(strlen(f->uname) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5718:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (z->comment = malloc(k = strlen(p)+1)) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5736:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((p = malloc((extent)(k = strlen(e))+1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5797:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc((k = strlen(e))+1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5808:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (e[(r = strlen(e)) - 1] == '\n') data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5810:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc((*zcomment ? strlen(zcomment) + 3 : 1) + r)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5826:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p = malloc(strlen(szCommentBuf)+1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zip.c:5838:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). zcomlen = strlen(zcomment); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:376:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((t = malloc(strlen(s) + 5)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:497:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int ssize = strlen(strValue); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:829:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((iname = malloc(strlen(pZipListEntry->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:834:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chksum = crc32(chksum, (uch *)(iname), strlen(iname)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:880:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(UPath, pTemp, ULen); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:934:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((iname = malloc(strlen(pZipListEntry->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:939:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chksum = crc32(chksum, (uch *)(iname), strlen(iname)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:980:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(UPath, pTemp, ULen); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1428:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ush ULen = strlen(pZEntry->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1511:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((inameLocal = malloc(strlen(pZEntry->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1525:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chksum = crc32(chksum, (uch *)(inameLocal), strlen(inameLocal)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1560:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ush ULen = strlen(pZEntry->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1638:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((inameLocal = malloc(strlen(pZEntry->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1652:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chksum = crc32(chksum, (uch *)(inameLocal), strlen(inameLocal)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:1915:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((m = getc(f)) != EOF && m != 0x50) /* 0x50 == 'P' */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2050:25: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
while ((m = getc(f)) != EOF && m != 0x50) ; /* 0x50 == 'P' */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2101:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((m = getc(f)) != EOF && m != 0x50) p++; /* 0x50 == 'P' */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2844:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->zname = malloc(strlen(z->name) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2852:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->name = malloc(strlen(z->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2856:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->zname = malloc(strlen(z->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2881:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->oname = malloc(strlen(z->zname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2965:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m = getc(f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2977:16: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((m = getc(f)) == EOF) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2986:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((m = getc(f)) == EOF) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:2998:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((m = getc(f)) == EOF) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3014:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m = getc(f); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3234:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen(in_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3238:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen -= strlen(vms_file_version(in_path)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:3806:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->uname = malloc(strlen(z->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4200:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int plen = strlen(in_path); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4210:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
plen -= strlen(vms_file_version(in_path)); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4628:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_path = malloc(strlen(in_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4660:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((split_path = malloc(strlen(in_path) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4851:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->uname = malloc(strlen(z->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4924:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->name = malloc(strlen(z->zname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4951:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((name = malloc(strlen(z->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4962:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((z->zuname = malloc(strlen(name) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4975:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->ouname = malloc(strlen(name) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:4982:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->ouname = malloc(strlen(name) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5004:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->wuname = malloc(strlen(z->ouname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5044:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((z->oname = malloc(strlen(z->zname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5409:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nam = strlen(z->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5460:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((oem = malloc(strlen(z->iname) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5650:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
nam = strlen(z->uname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5761:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((oem = malloc(strlen(z->iname) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:5783:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((oem = malloc(strlen(z->comment) + 1)) == NULL) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6202:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((localz->iname = malloc(strlen(localz->uname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6275:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). z->nam = strlen(z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6299:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). localz->nam = z->nam = strlen(z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6302:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((localz->iname = malloc(strlen(z->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6348:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((z->oname = malloc(strlen(localz->iname) + 1)) == NULL) { data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6767:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). z->nam = strlen(z->iname); data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6804:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (p[strlen(p) - 1] == '/') { /* keep VMS [x.y]z.dir;1 intact */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipfile.c:6805:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p[strlen(p) - 1] = '\0'; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:322:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = a + strlen(a) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:324:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = a + strlen(a) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:326:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (p = s + strlen(s) - 1; p >= s; p--) data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:338:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
q = a + strlen(a) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:340:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q = a + strlen(a) - 1; data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:369:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (p=s;p<=s+strlen(s)-3;p+=3) { /* p+=3 to skip 3 hex type */ data/boinc-7.16.15+dfsg.is.7.16.11+dfsg/zip/zip/zipup.c:427:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). z->nam = strlen(z->iname);

ANALYSIS SUMMARY:

Hits = 7308
Lines analyzed = 298538 in approximately 12.91 seconds (23133 lines/second)
Physical Source Lines of Code (SLOC) = 214830
Hits@level = [0] 3114 [1] 1285 [2] 3523 [3] 133 [4] 2322 [5] 45
Hits@level+ = [0+] 10422 [1+] 7308 [2+] 6023 [3+] 2500 [4+] 2367 [5+] 45
Hits/KSLOC@level+ = [0+] 48.5128 [1+] 34.0176 [2+] 28.0361 [3+] 11.6371 [4+] 11.018 [5+] 0.209468
Symlinks skipped = 2 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 5 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.