Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/bsdgames-2.17/fortune/fortune/fortune.c:266:10: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  (void) chmod(Fortfile->path, 0666);
data/bsdgames-2.17/mille/varpush.c:93:4: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  gets(buf);
data/bsdgames-2.17/adventure/extern.h:118:28: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define copystr(src, dest) strcpy((dest), (src))
data/bsdgames-2.17/adventure/setup.c:83:3: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, USAGE);
data/bsdgames-2.17/adventure/wizard.c:80:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(magic, DECR('d', 'w', 'a', 'r', 'f'));
data/bsdgames-2.17/atc/input.c:211:8: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(T_STR, st[T_STATE].rule[ruleno].str, tval);
data/bsdgames-2.17/atc/input.c:325:6: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(shell, base, (char *) 0);
data/bsdgames-2.17/atc/input.c:328:6: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(_PATH_BSHELL, "sh", (char *) 0);
data/bsdgames-2.17/atc/log.c:164:10: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  good = fscanf(score_fp, SCORE_SCANF_FMT,
data/bsdgames-2.17/atc/log.c:181:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(thisscore.name, pw->pw_name);
data/bsdgames-2.17/atc/log.c:191:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(thisscore.game, cp);
data/bsdgames-2.17/atc/main.c:125:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, _PATH_GAMES);
data/bsdgames-2.17/atc/main.c:238:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(games, _PATH_GAMES);
data/bsdgames-2.17/atc/main.c:239:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(games, GAMES);
data/bsdgames-2.17/atc/main.c:251:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, _PATH_GAMES);
data/bsdgames-2.17/atc/main.c:252:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(file, line);
data/bsdgames-2.17/atc/main.c:265:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(games, _PATH_GAMES);
data/bsdgames-2.17/atc/main.c:266:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(games, GAMES);
data/bsdgames-2.17/atc/main.c:275:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, _PATH_GAMES);
data/bsdgames-2.17/atc/main.c:276:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(file, line);
data/bsdgames-2.17/atc/main.c:299:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(games, _PATH_GAMES);
data/bsdgames-2.17/atc/main.c:300:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(games, GAMES);
data/bsdgames-2.17/backgammon/backgammon/main.c:155:5: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(TEACH, "teachgammon", args[1]?args:0,
data/bsdgames-2.17/backgammon/common_source/board.c:64:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ln, bl);
data/bsdgames-2.17/backgammon/common_source/board.c:74:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ln, sv);
data/bsdgames-2.17/backgammon/common_source/board.c:104:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ln, bl);
data/bsdgames-2.17/backgammon/common_source/board.c:109:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ln, sv);
data/bsdgames-2.17/backgammon/common_source/board.c:140:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ln, bl);
data/bsdgames-2.17/backgammon/teachgammon/teach.c:155:2: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(EXEC, "backgammon", "-n", args[1]?args:0, (char *) 0);
data/bsdgames-2.17/banner/banner.c:1069:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(message, *argv);
data/bsdgames-2.17/banner/banner.c:1072:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(message, *argv);
data/bsdgames-2.17/battlestar/command4.c:217:58: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  deposit = location[position].up * (location[position].access || position == FINAL);
data/bsdgames-2.17/battlestar/cypher.c:72:27: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (location[position].access || wiz || tempwiz) {
data/bsdgames-2.17/battlestar/cypher.c:73:29: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!location[position].access)
data/bsdgames-2.17/battlestar/extern.h:248:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  #define access link[5]
data/bsdgames-2.17/battlestar/parse.c:126:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(words[i - 1], words[i]);
data/bsdgames-2.17/battlestar/parse.c:146:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(words[i - 1], words[i]);
data/bsdgames-2.17/battlestar/parse.c:167:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpword, words[n - 1]);
data/bsdgames-2.17/battlestar/parse.c:168:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(words[n - 1], words[n + 1]);
data/bsdgames-2.17/battlestar/parse.c:169:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(words[n + 1], tmpword);
data/bsdgames-2.17/battlestar/parse.c:180:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(words[i - 1], words[i + 1]);
data/bsdgames-2.17/boggle/boggle/bog.c:398:12: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(pwordsp, buf);
data/bsdgames-2.17/cribbage/crib.c:153:7: [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name.
  The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  getlogin(), cgames, pgames);
data/bsdgames-2.17/cribbage/instr.c:88:3: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl("/bin/sh", "sh", "-c", path, (char *) NULL);
data/bsdgames-2.17/cribbage/io.c:391:8: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  (void)vsprintf(&Msgbuf[Newpos], fmt, ap);
data/bsdgames-2.17/cribbage/io.c:407:8: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  (void)vsprintf(&Msgbuf[Newpos], fmt, ap);
data/bsdgames-2.17/cribbage/score.c:161:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(explan, buf);
data/bsdgames-2.17/cribbage/score.c:171:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(explan, buf);
data/bsdgames-2.17/cribbage/support.c:136:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(prompt, "Your %s scores ", s);
data/bsdgames-2.17/dab/board.cc:256:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, s, ap);
data/bsdgames-2.17/dm/dm.c:118:2: [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely (CWE-78).
try using a library call that implements the same functionality if available.
  execv(pbuf, args);
data/bsdgames-2.17/factor/factor.c:270:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, buf);
data/bsdgames-2.17/fish/fish.c:475:9: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  (void)execl("/bin/sh", "sh", "-c", pager, (char *) NULL);
data/bsdgames-2.17/fortune/fortune/fortune.c:79:39: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define DPRINTF(l,x) if (Debug >= l) fprintf x; else
data/bsdgames-2.17/fortune/fortune/fortune.c:526:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(strcat(strcpy(tpath, dir), "/"), file);
data/bsdgames-2.17/fortune/fortune/fortune.c:526:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcat(strcat(strcpy(tpath, dir), "/"), file);
data/bsdgames-2.17/fortune/fortune/fortune.c:623:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  fp->was_pos_file = (access(fp->posfile, W_OK) >= 0);
data/bsdgames-2.17/fortune/fortune/fortune.c:731:27: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  obscene->was_pos_file = (access(obscene->posfile, W_OK) >= 0);
data/bsdgames-2.17/fortune/fortune/fortune.c:847:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(datfile, R_OK) < 0) {
data/bsdgames-2.17/fortune/strfile/strfile.c:329:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Outfile, *argv);
data/bsdgames-2.17/fortune/strfile/strfile.c:336:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Outfile, Infile);
data/bsdgames-2.17/fortune/strfile/strfile.c:363:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, fmt, file);
data/bsdgames-2.17/fortune/unstr/unstr.c:125:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Datafile, Infile);
data/bsdgames-2.17/gomoku/main.c:181:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf,
data/bsdgames-2.17/gomoku/main.c:283:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(fmtbuf, fmt[color], movenum, stoc(curmove));
data/bsdgames-2.17/gomoku/main.c:393:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "suggest %c %s", i == BLACK ? 'B' : 'W',
data/bsdgames-2.17/gomoku/main.c:441:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "overlap %s%c,", stoc(s1), pdir[d1]);
data/bsdgames-2.17/gomoku/main.c:443:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s%c = %x", stoc(s2), pdir[d2], overlap[n]);
data/bsdgames-2.17/gomoku/main.c:448:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "V %s %x/%d %d %x/%d %d %d %x", stoc(i),
data/bsdgames-2.17/gomoku/main.c:454:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "FB %s %x %x %x %x", stoc(i),
data/bsdgames-2.17/gomoku/main.c:458:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "FW %s %x %x %x %x", stoc(i),
data/bsdgames-2.17/gomoku/pickmove.c:104:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "- %s %x/%d %d %x/%d %d %d", stoc(sp - board),
data/bsdgames-2.17/gomoku/pickmove.c:121:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "B %s %x/%d %d %x/%d %d %d",
data/bsdgames-2.17/gomoku/pickmove.c:128:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "W %s %x/%d %d %x/%d %d %d",
data/bsdgames-2.17/gomoku/pickmove.c:682:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "loop: %c %s", "BW"[curcolor],
data/bsdgames-2.17/gomoku/pickmove.c:935:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "e %s o%d i%d c%d m%x %x",
data/bsdgames-2.17/gomoku/pickmove.c:1237:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fmtbuf, "sortc: %s%c l%d", stoc(fcbp->c_vertex),
data/bsdgames-2.17/gomoku/pickmove.c:1242:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " %s%c", stoc((*cpp)->c_vertex),
data/bsdgames-2.17/gomoku/pickmove.c:1300:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " %s%c", stoc((*cpp)->c_vertex),
data/bsdgames-2.17/gomoku/pickmove.c:1310:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " %s%c", stoc((*cpp)->c_vertex),
data/bsdgames-2.17/gomoku/pickmove.c:1347:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " %s%c%x", stoc(tcbp->c_vertex), pdir[tcbp->c_dir],
data/bsdgames-2.17/gomoku/pickmove.c:1351:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " %s%c", stoc(cbp->c_vertex), pdir[cbp->c_dir]);
data/bsdgames-2.17/hack/hack.bones.c:117:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy((char *) mtmp->mextra, plname);
data/bsdgames-2.17/hack/hack.do_name.c:158:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(NAME(mtmp2), buf);
data/bsdgames-2.17/hack/hack.do_name.c:188:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(ONAME(otmp2), buf);
data/bsdgames-2.17/hack/hack.do_name.c:255:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(str, buf);
data/bsdgames-2.17/hack/hack.do_name.c:276:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buf, NAME(mtmp));
data/bsdgames-2.17/hack/hack.do_name.c:287:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *) mtmp->mextra, !rn2(5) ? plname : gn);
data/bsdgames-2.17/hack/hack.do_name.c:289:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "%s's ghost", gn);
data/bsdgames-2.17/hack/hack.do_name.c:294:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buf, shkname(mtmp));
data/bsdgames-2.17/hack/hack.do_name.c:299:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "the %s%s",
data/bsdgames-2.17/hack/hack.do_name.c:305:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(buf, NAME(mtmp));
data/bsdgames-2.17/hack/hack.do_name.c:344:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "the %s %s", adj, bp);
data/bsdgames-2.17/hack/hack.dog.c:521:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(NAME(mtmp2), NAME(mtmp));
data/bsdgames-2.17/hack/hack.eat.c:333:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(msgbuf, "You finished eating the %s.",
data/bsdgames-2.17/hack/hack.end.c:74:24: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  #define Sprintf (void) sprintf
data/bsdgames-2.17/hack/hack.end.c:363:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(t0->date, getdate());
data/bsdgames-2.17/hack/hack.end.c:556:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(bp, hpbuf);
data/bsdgames-2.17/hack/hack.engrave.c:199:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(ep->engr_txt, s);
data/bsdgames-2.17/hack/hack.engrave.c:331:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(sp, oep->engr_txt);
data/bsdgames-2.17/hack/hack.engrave.c:332:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(sp, buf);
data/bsdgames-2.17/hack/hack.engrave.c:335:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(sp, buf);
data/bsdgames-2.17/hack/hack.fight.c:104:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "%s %s", Monnam(magr),
data/bsdgames-2.17/hack/hack.invent.c:449:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(lets, bp);/* necessary since we destroy buf */
data/bsdgames-2.17/hack/hack.invent.c:730:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(li, "%c - %s.",
data/bsdgames-2.17/hack/hack.invent.c:894:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(gbuf, "%ld gold piece%s",
data/bsdgames-2.17/hack/hack.main.c:162:24: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  if (!*plname && (s = getlogin()))
data/bsdgames-2.17/hack/hack.main.c:279:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(lock, plname);
data/bsdgames-2.17/hack/hack.main.c:284:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(lock, plname);
data/bsdgames-2.17/hack/hack.main.c:305:12: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(genocided, sfoo);
data/bsdgames-2.17/hack/hack.main.c:306:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(fut_geno, genocided);
data/bsdgames-2.17/hack/hack.main.c:311:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(SAVEF, "save/%d%s", getuid(), plname);
data/bsdgames-2.17/hack/hack.objnam.c:72:24: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  #define Sprintf (void) sprintf
data/bsdgames-2.17/hack/hack.objnam.c:73:24: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  #define Strcat (void) strcat
data/bsdgames-2.17/hack/hack.objnam.c:74:23: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define Strcpy (void) strcpy
data/bsdgames-2.17/hack/hack.options.c:248:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(buf, flags.female ? "female," : "male,");
data/bsdgames-2.17/hack/hack.pager.c:291:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(tl->line_text, text);
data/bsdgames-2.17/hack/hack.pager.c:393:5: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(catmore, "page", (char *) 0);
data/bsdgames-2.17/hack/hack.pager.c:429:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(str, str, (char *) 0);
data/bsdgames-2.17/hack/hack.pager.c:431:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl("/bin/sh", "sh", (char *) 0);
data/bsdgames-2.17/hack/hack.pri.c:110:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf(fmt, ap);
data/bsdgames-2.17/hack/hack.pri.c:758:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(newbot, hu_stat[u.uhs]);
data/bsdgames-2.17/hack/hack.pri.c:780:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(oldbot, newbot);
data/bsdgames-2.17/hack/hack.rip.c:94:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buf, plname);
data/bsdgames-2.17/hack/hack.rip.c:99:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "killed by%s",
data/bsdgames-2.17/hack/hack.rip.c:104:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(buf, killer);
data/bsdgames-2.17/hack/hack.rip.c:133:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(ripmid, 8 + n, text, 8 - n, "");
data/bsdgames-2.17/hack/hack.shk.c:841:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "x - %s", doname(obj));
data/bsdgames-2.17/hack/hack.topl.c:90:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(toplines, last_redone_topl->topl_text);
data/bsdgames-2.17/hack/hack.topl.c:127:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(tl->topl_text, toplines);
data/bsdgames-2.17/hack/hack.topl.c:224:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(pbuf, line);
data/bsdgames-2.17/hack/hack.topl.c:226:10: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  (void) vsprintf(pbuf, line, ap);
data/bsdgames-2.17/hack/hack.topl.c:239:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void) strcat(toplines, bp);
data/bsdgames-2.17/hack/hack.tty.c:209:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf(fmt, ap);
data/bsdgames-2.17/hack/hack.u_init.c:75:23: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define Strcpy (void) strcpy
data/bsdgames-2.17/hack/hack.u_init.c:76:23: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  #define Strcat (void) strcat
data/bsdgames-2.17/hack/hack.unix.c:196:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(filename, name);
data/bsdgames-2.17/hack/hack.unix.c:200:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(filename + (np - path) + 1, name);
data/bsdgames-2.17/hack/hack.unix.c:510:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(mr, mr, (char *) 0);
data/bsdgames-2.17/hunt/hunt/connect.c:58:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Buf, ttyname(fileno(stderr)));
data/bsdgames-2.17/hunt/hunt/hunt.c:344:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Daemon.sun_path, Sock_name);
data/bsdgames-2.17/hunt/hunt/hunt.c:723:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(Driver, "HUNT", (char *) NULL);
data/bsdgames-2.17/hunt/hunt/hunt.c:726:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(Driver, "HUNT", "-p", use_port, (char *) NULL);
data/bsdgames-2.17/hunt/huntd/answer.c:129:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "%s: ", name);
data/bsdgames-2.17/hunt/huntd/answer.c:131:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "%s[%c]: ", name, team);
data/bsdgames-2.17/hunt/huntd/driver.c:307:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Daemon.sun_path, Stat_name);
data/bsdgames-2.17/hunt/huntd/driver.c:347:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void) strcpy(Daemon.sun_path, Sock_name);
data/bsdgames-2.17/hunt/huntd/driver.c:553:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(ouch->p_death, "| %s by %s |", cp,
data/bsdgames-2.17/hunt/huntd/driver.c:559:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(ouch->p_death, "| %s by %s |", cp, credit->i_name);
data/bsdgames-2.17/hunt/huntd/driver.c:683:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(Buf, "%s detonated.",
data/bsdgames-2.17/hunt/huntd/faketalk.c:168:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "HELO HuntGame@%s\r\n", my_machine_name);
data/bsdgames-2.17/hunt/huntd/faketalk.c:171:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(buf, "EXPN %s@%s\r\n", RENDEZVOUS, my_machine_name);
data/bsdgames-2.17/mille/save.c:73:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, Fromfile);
data/bsdgames-2.17/mille/save.c:127:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, ctime(tp));
data/bsdgames-2.17/mille/save.c:163:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, ctime(&sbuf.st_mtime));
data/bsdgames-2.17/mille/save.c:170:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(Initstr, "%s [%s]\n", file, buf);
data/bsdgames-2.17/monop/execute.c:205:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, ctime(&t));
data/bsdgames-2.17/monop/execute.c:266:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, ctime(&sbuf.st_mtime));
data/bsdgames-2.17/monop/houses.c:136:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(cur_prop, "%s (%d): ",
data/bsdgames-2.17/monop/houses.c:239:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(cur_prop,"%s (%d): ",
data/bsdgames-2.17/monop/houses.c:242:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(cur_prop,"%s (H): ",mp->sq[i]->name);
data/bsdgames-2.17/monop/monop.c:133:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(play[i].name, buf);
data/bsdgames-2.17/monop/prop.c:181:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(buf, "%s: ", name_list[i]);
data/bsdgames-2.17/phantasia/fight.c:882:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Curmonster.m_name, Othermonster.m_name);
data/bsdgames-2.17/phantasia/gamesupport.c:189:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(playerp->p_name, Databuf);
data/bsdgames-2.17/phantasia/gamesupport.c:542:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sbuf.sb_login, Player.p_login);
data/bsdgames-2.17/phantasia/gamesupport.c:543:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sbuf.sb_name, Player.p_name);
data/bsdgames-2.17/phantasia/gamesupport.c:545:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sbuf.sb_type, descrtype(&Player, TRUE));
data/bsdgames-2.17/phantasia/main.c:167:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Player.p_login, Login);
data/bsdgames-2.17/phantasia/main.c:289:15: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  if ((Login = getlogin()) == NULL)
data/bsdgames-2.17/phantasia/main.c:653:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(Databuf, "The present ruler is %s Level:%.0f",
data/bsdgames-2.17/phantasia/main.c:668:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(Databuf, "The Valar is %s Login: %s", Other.p_name, Other.p_login);
data/bsdgames-2.17/phantasia/main.c:684:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(Databuf, "%s Login: %s", Other.p_name, Other.p_login);
data/bsdgames-2.17/phantasia/main.c:701:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nxtname, hiname);
data/bsdgames-2.17/phantasia/main.c:702:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hiname, Other.p_name);
data/bsdgames-2.17/phantasia/main.c:711:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nxtname, Other.p_name);
data/bsdgames-2.17/phantasia/main.c:714:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(Databuf, "%s Level:%.0f and %s Level:%.0f",
data/bsdgames-2.17/phantasia/misc.c:140:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(Databuf, " is in %s (%.0f,%.0f)", label, playerp->p_x, playerp->p_y);
data/bsdgames-2.17/phantasia/misc.c:504:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Databuf, results[type]);
data/bsdgames-2.17/phantasia/misc.c:645:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Curmonster.m_name, Player.p_name);
data/bsdgames-2.17/phantasia/misc.c:675:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(_PATH_GAMEPROG, "phantasia", "-s",
data/bsdgames-2.17/phantasia/misc.c:948:11: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  funcp = printf;
data/bsdgames-2.17/phantasia/setup.c:146:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Curmonster.m_name, Databuf);
data/bsdgames-2.17/phantasia/setup.c:227:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, str, file);
data/bsdgames-2.17/primes/primes.c:252:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(hflag ? "%" PRIx64 : "%" PRIu64, factor);
data/bsdgames-2.17/primes/primes.c:324:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(hflag ? "%" PRIx64 : "%" PRIu64, start);
data/bsdgames-2.17/quiz/quiz.c:176:12: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ((pf = popen(pager, "w")) == NULL)
data/bsdgames-2.17/quiz/quiz.c:271:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void)strcpy(question, t);
data/bsdgames-2.17/robots/auto.c:235:8: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void)strcpy(ok_moves, find_moves());
data/bsdgames-2.17/sail/dr_1.c:193:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message, "killed in melee: %d.
  %s: %d",
data/bsdgames-2.17/sail/dr_1.c:225:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message, "captured by the %s!", to->shipname);
data/bsdgames-2.17/sail/dr_1.c:227:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message, "killed in melee: %d. %s: %d",
data/bsdgames-2.17/sail/dr_2.c:239:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(temp, st);
data/bsdgames-2.17/sail/dr_2.c:243:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(command, temp);
data/bsdgames-2.17/sail/dr_2.c:254:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(command, temp);
data/bsdgames-2.17/sail/dr_2.c:264:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(command, temp);
data/bsdgames-2.17/sail/lo_main.c:86:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(sbuf, "%10.10s (%s)", log.l_name, pass->pw_name);
data/bsdgames-2.17/sail/misc.c:231:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(log[NLOG-1].l_name, s->file->captain);
data/bsdgames-2.17/sail/pl_5.c:148:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(movebuf, buf);
data/bsdgames-2.17/sail/sync.c:103:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(message, format, ap);
data/bsdgames-2.17/sail/sync.c:116:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(message, fmt, ap);
data/bsdgames-2.17/sail/sync.c:128:2: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf, SF, game);
data/bsdgames-2.17/sail/sync.c:137:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf, LF, game);
data/bsdgames-2.17/sail/sync.c:153:2: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(sync_lock, LF, game);
data/bsdgames-2.17/sail/sync.c:154:2: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(sync_file, SF, game);
data/bsdgames-2.17/sail/sync.c:198:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(sync_bp, "%d %d 1 %s\n", type, ship->file->index, a);
data/bsdgames-2.17/snake/snake/snake.c:1003:7: [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  getlogin(), cashvalue, lcnt, ccnt, msg, ctime(&t));
data/bsdgames-2.17/tetris/scores.c:188:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sp->hs_name, me);
data/bsdgames-2.17/tetris/scores.c:225:6: [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead.
  p = getlogin();
data/bsdgames-2.17/tetris/tetris.c:196:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(key_msg,
data/bsdgames-2.17/trek/getpar.c:156:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input, r->abrev);
data/bsdgames-2.17/trek/getpar.c:157:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(input, r->full);
data/bsdgames-2.17/trek/getpar.c:215:8: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(format, "%%%d[^%s]", l, t);
data/bsdgames-2.17/trek/getpar.c:223:7: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  i = scanf(format, r);
data/bsdgames-2.17/trek/shield.c:123:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(s, "%s %s up. Do you want %s down", device, dev2, dev3);
data/bsdgames-2.17/trek/shield.c:125:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(s, "%s %s down. Do you want %s up", device, dev2, dev3);
data/bsdgames-2.17/wump/wump.c:760:6: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(_PATH_WUMPINFO, R_OK)) {
data/bsdgames-2.17/wump/wump.c:779:9: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  (void)execl("/bin/sh", "sh", "-c", pager, (char *) NULL);
data/bsdgames-2.17/adventure/init.c:291:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand((int) (time((time_t *) NULL))); /* random seed */
data/bsdgames-2.17/adventure/init.c:293:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(371); /* non-random seed */
data/bsdgames-2.17/adventure/io.c:172:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ch = (*inptr ^ random()) & 0xFF; /* Decrypt input data */
data/bsdgames-2.17/adventure/io.c:191:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(SEED); /* which is lightly encrypted. */
data/bsdgames-2.17/adventure/save.c:138:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((int) sum);
data/bsdgames-2.17/adventure/save.c:149:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  *s = (*s ^ random()) & 0xFF; /* Lightly encrypt */
data/bsdgames-2.17/adventure/save.c:176:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((int) sum);
data/bsdgames-2.17/adventure/save.c:180:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  *s = (*s ^ random()) & 0xFF; /* Lightly decrypt */
data/bsdgames-2.17/adventure/setup.c:97:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(SEED);
data/bsdgames-2.17/adventure/setup.c:103:44: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  printf("0x%02x,", (unsigned int)('\t' ^ random()) & 0xFF);
data/bsdgames-2.17/adventure/setup.c:119:40: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  printf("0x%02x,", (unsigned int)(c ^ random()) & 0xFF);
data/bsdgames-2.17/arithmetic/arithmetic.c:122:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "r:o:")) != -1)
data/bsdgames-2.17/arithmetic/arithmetic.c:145:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((int)time((time_t *)NULL));
data/bsdgames-2.17/arithmetic/arithmetic.c:204:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  op = keys[random() % nkeys];
data/bsdgames-2.17/arithmetic/arithmetic.c:225:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  left = right * result + random() % right;
data/bsdgames-2.17/arithmetic/arithmetic.c:337:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  value = random() % (maxval + penalty[op][operand]);
data/bsdgames-2.17/atc/input.c:318:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker.
  They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((shell = getenv("SHELL")) != NULL)
data/bsdgames-2.17/atc/main.c:84:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(ac, av, "ulstpg:f:r:")) != -1) {
data/bsdgames-2.17/atc/main.c:112:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(seed);
data/bsdgames-2.17/atc/update.c:312:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  p.plane_type = random() % 2;
data/bsdgames-2.17/atc/update.c:315:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random() % num_starts;
data/bsdgames-2.17/atc/update.c:328:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  while ((rnd2 = random() % num_starts) == rnd)
data/bsdgames-2.17/backgammon/backgammon/main.c:117:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  tflag = getcaps(getenv("TERM"));
data/bsdgames-2.17/backgammon/backgammon/main.c:122:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(t); /* 'random' seed */
data/bsdgames-2.17/backgammon/common_source/back.h:46:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define rnum(r) (random()%r)
data/bsdgames-2.17/backgammon/teachgammon/teach.c:80:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  tflag = getcaps(getenv("TERM"));
data/bsdgames-2.17/banner/banner.c:1041:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "w:td")) != -1)
data/bsdgames-2.17/battlestar/command6.c:110:26: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (score_fp == NULL && getenv("BATTLESTAR_QUIET") == NULL)
data/bsdgames-2.17/battlestar/init.c:58:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(getpid());
data/bsdgames-2.17/battlestar/save.c:176:10: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker.
  They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  home = getenv("HOME");
data/bsdgames-2.17/boggle/boggle/bog.c:142:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "bds:t:w:")) != -1)
data/bsdgames-2.17/boggle/boggle/bog.c:652:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  p = (int) (random() % 16);
data/bsdgames-2.17/boggle/boggle/bog.c:653:15: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  q = (int) (random() % 16);
data/bsdgames-2.17/boggle/boggle/bog.c:664:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  board[i] = cubes[i][random() % 6];
data/bsdgames-2.17/boggle/boggle/mach.c:99:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(seed);
data/bsdgames-2.17/canfield/canfield/canfield.c:554:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  j = random() % decksize;
data/bsdgames-2.17/canfield/canfield/canfield.c:1676:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(getpid());
data/bsdgames-2.17/cribbage/cards.c:61:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(i);
data/bsdgames-2.17/cribbage/crib.c:92:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "eqr")) != -1)
data/bsdgames-2.17/cribbage/instr.c:77:17: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(path = getenv("PAGER")) || (*path == 0))
data/bsdgames-2.17/dab/main.cc:113:17: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "awp:n:")) != -1)
data/bsdgames-2.17/dab/random.cc:78:15: [3] (random) lrand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  size_t r = ::lrand48();
data/bsdgames-2.17/factor/factor.c:151:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "")) != -1)
data/bsdgames-2.17/fish/fish.c:108:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "p")) != -1)
data/bsdgames-2.17/fish/fish.c:118:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(time((time_t *)NULL));
data/bsdgames-2.17/fish/fish.c:445:14: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return((int)random() % n);
data/bsdgames-2.17/fish/fish.c:468:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(pager = getenv("PAGER")) || (*pager == 0))
data/bsdgames-2.17/fortune/fortune/fortune.c:242:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(((unsigned long)tv.tv_sec) *
data/bsdgames-2.17/fortune/fortune/fortune.c:354:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "aDefilm:osw")) != -1)
data/bsdgames-2.17/fortune/fortune/fortune.c:356:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "aefilm:osw")) != -1)
data/bsdgames-2.17/fortune/fortune/fortune.c:988:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  choice = random() % 100;
data/bsdgames-2.17/fortune/fortune/fortune.c:1008:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  choice = random() % Noprob_tbl.str_numstr;
data/bsdgames-2.17/fortune/fortune/fortune.c:1050:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  choice = random() % parent->num_children;
data/bsdgames-2.17/fortune/fortune/fortune.c:1060:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  choice = random() % parent->tbl.str_numstr;
data/bsdgames-2.17/fortune/fortune/fortune.c:1145:14: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  fp->pos = random() % fp->tbl.str_numstr;
data/bsdgames-2.17/fortune/fortune/fortune.c:1151:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  fp->pos = random() % fp->tbl.str_numstr;
data/bsdgames-2.17/fortune/strfile/strfile.c:296:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "c:iorsx")) != -1)
data/bsdgames-2.17/fortune/strfile/strfile.c:475:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((int)(time((time_t *) NULL) + getpid()));
data/bsdgames-2.17/fortune/strfile/strfile.c:485:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  i = random() % cnt;
data/bsdgames-2.17/gomoku/main.c:108:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "bcdD:u")) != -1) {
data/bsdgames-2.17/gomoku/main.c:137:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/bsdgames-2.17/gomoku/main.c:139:3: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(time(0));
data/bsdgames-2.17/gomoku/pickmove.c:217:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return (random() & 1);
data/bsdgames-2.17/hack/hack.main.c:126:8: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  dir = getenv("HACKDIR");
data/bsdgames-2.17/hack/hack.main.c:158:24: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!*plname && (s = getenv("USER")))
data/bsdgames-2.17/hack/hack.main.c:160:24: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!*plname && (s = getenv("LOGNAME")))
data/bsdgames-2.17/hack/hack.main.c:250:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (((catmore = getenv("HACKPAGER")) == NULL &&
data/bsdgames-2.17/hack/hack.main.c:251:17: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  (catmore = getenv("PAGER")) == NULL) ||
data/bsdgames-2.17/hack/hack.main.c:285:15: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20).
  Check environment variables carefully before using them.
  if ((sfoo = getenv("MAGIC")) != NULL)
data/bsdgames-2.17/hack/hack.main.c:289:13: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (void) srandom(*sfoo++);
data/bsdgames-2.17/hack/hack.main.c:293:15: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((sfoo = getenv("GENOCIDED")) != NULL) {
data/bsdgames-2.17/hack/hack.mklev.c:74:19: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define somex() ((random()%(croom->hx-croom->lx+1))+croom->lx)
data/bsdgames-2.17/hack/hack.mklev.c:75:19: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define somey() ((random()%(croom->hy-croom->ly+1))+croom->ly)
data/bsdgames-2.17/hack/hack.mklev.c:195:16: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (wizard && getenv("SHOPTYPE"))
data/bsdgames-2.17/hack/hack.mkshop.c:89:24: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *ep = getenv("SHOPTYPE");
data/bsdgames-2.17/hack/hack.mkshop.c:128:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  (wizard && getenv("SHOPTYPE") && sroom->doorct != 0) ||
data/bsdgames-2.17/hack/hack.options.c:87:14: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((opts = getenv("HACKOPTIONS")) != NULL)
data/bsdgames-2.17/hack/hack.pager.c:428:14: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("SHELL")) != NULL)
data/bsdgames-2.17/hack/hack.pager.c:470:16: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  (void) chdir(getenv("HOME"));
data/bsdgames-2.17/hack/hack.termcap.c:97:15: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(term = getenv("TERM")))
data/bsdgames-2.17/hack/hack.u_init.c:395:14: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker.
  They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *ep = getenv("INVENT");
data/bsdgames-2.17/hack/hack.unix.c:102:9: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (void) srandom((int) time((time_t *) 0));
data/bsdgames-2.17/hack/hack.unix.c:189:43: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (strchr(name, '/') != NULL || (path = getenv("PATH")) == NULL)
data/bsdgames-2.17/hack/hack.unix.c:379:18: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(mailbox = getenv("MAIL")))
data/bsdgames-2.17/hack/hack.unix.c:507:13: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(mr = getenv("MAILREADER")))
data/bsdgames-2.17/hack/rnd.c:73:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define RND(x) ((random()>>3) % x)
data/bsdgames-2.17/hangman/main.c:62:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "d:m:")) != -1) {
data/bsdgames-2.17/hangman/setup.c:70:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(NULL) + getpid());
data/bsdgames-2.17/hunt/hunt/hunt.c:144:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(ac, av, "Sbcfh:l:mn:op:qst:w:")) != -1) {
data/bsdgames-2.17/hunt/hunt/hunt.c:266:28: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!isatty(0) || (term = getenv("TERM")) == NULL)
data/bsdgames-2.17/hunt/hunt/hunt.c:1007:14: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((envp = getenv("HUNT")) != NULL) {
data/bsdgames-2.17/hunt/hunt/otto.c:70:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  # define random rand
data/bsdgames-2.17/hunt/hunt/otto.c:590:23: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  && num_turns > 4 + (random() %
data/bsdgames-2.17/hunt/hunt/otto.c:602:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  duck(random() % NUMDIRECTIONS);
data/bsdgames-2.17/hunt/hunt/otto.c:612:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() % 5 == 0)
data/bsdgames-2.17/hunt/huntd/driver.c:109:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(ac, av, "sp:")) != -1) {
data/bsdgames-2.17/mille/mille.c:95:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(getpid());
data/bsdgames-2.17/mille/mille.c:97:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(0);
data/bsdgames-2.17/mille/mille.h:165:10: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  # define srandom(x) srand(x)
data/bsdgames-2.17/mille/mille.h:165:21: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  # define srandom(x) srand(x)
data/bsdgames-2.17/mille/mille.h:166:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  # define random() rand()
data/bsdgames-2.17/mille/roll.c:59:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  tot += random() % nsides + 1;
data/bsdgames-2.17/monop/monop.c:70:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(getpid());
data/bsdgames-2.17/morse/morse.c:132:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "ds")) != -1)
data/bsdgames-2.17/number/number.c:100:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "l")) != -1)
data/bsdgames-2.17/phantasia/main.c:321:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((unsigned) time(NULL)); /* prime random numbers */
data/bsdgames-2.17/phantasia/misc.c:1020:21: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return ((double) (random() & 0x7fff) / 32768.0);
data/bsdgames-2.17/phantasia/misc.c:1022:20: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return ((double) random() / 32768.0);
data/bsdgames-2.17/phantasia/setup.c:73:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "m:")) != -1)
data/bsdgames-2.17/phantasia/setup.c:85:5: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((unsigned) time(NULL)); /* prime random numbers */
data/bsdgames-2.17/phantasia/setup.c:259:19: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return((double) (random() & 0x7fff) / 32768.0);
data/bsdgames-2.17/phantasia/setup.c:261:18: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return((double) random() / 32768.0);
data/bsdgames-2.17/pig/pig.c:71:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "")) != -1)
data/bsdgames-2.17/ppt/ppt.c:79:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "dh")) != -1)
data/bsdgames-2.17/primes/primes.c:105:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "dh")) != -1)
data/bsdgames-2.17/quiz/quiz.c:91:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "i:t")) != -1)
data/bsdgames-2.17/quiz/quiz.c:173:17: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(pager = getenv("PAGER")) || (*pager == 0))
data/bsdgames-2.17/quiz/quiz.c:239:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(time(NULL));
data/bsdgames-2.17/quiz/quiz.c:244:10: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  next = random() % qsize;
data/bsdgames-2.17/quiz/quiz.c:254:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (tflag && random() % 100 > 20) {
data/bsdgames-2.17/rain/rain.c:82:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "d:")) != -1)
data/bsdgames-2.17/rain/rain.c:110:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  xpos[j] = random() % cols + 2;
data/bsdgames-2.17/rain/rain.c:111:13: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ypos[j] = random() % lines + 2;
data/bsdgames-2.17/rain/rain.c:118:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x = random() % cols + 2;
data/bsdgames-2.17/rain/rain.c:119:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  y = random() % lines + 2;
data/bsdgames-2.17/random/random.c:80:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "er")) != -1)
data/bsdgames-2.17/random/random.c:115:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((u_int)(tp.tv_usec + tp.tv_sec + getpid()));
data/bsdgames-2.17/random/random.c:119:20: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return ((denom * random()) / MAXRANDOM);
data/bsdgames-2.17/random/random.c:134:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  selected = (int)(denom * random() / MAXRANDOM) == 0;
data/bsdgames-2.17/random/random.c:144:29: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  selected = (int)(denom * random() / MAXRANDOM) == 0;
data/bsdgames-2.17/robots/main.c:165:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(getpid());
data/bsdgames-2.17/sail/dr_1.c:423:15: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *tp = getenv("WOTD");
data/bsdgames-2.17/sail/extern.h:53:22: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define dieroll() ((random()) % 6 + 1)
data/bsdgames-2.17/sail/main.c:72:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((u_long)time(NULL));
data/bsdgames-2.17/sail/main.c:86:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((a = getopt(argc, argv, "dsxlb")) != -1)
data/bsdgames-2.17/sail/pl_main.c:203:26: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((nameptr = (char *) getenv("SAILNAME")) && *nameptr)
data/bsdgames-2.17/snake/snake/snake.c:166:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "l:w:t")) != -1)
data/bsdgames-2.17/snake/snake/snake.c:192:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((int) tv);
data/bsdgames-2.17/snake/snake/snake.c:490:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  p.col = random() % ccnt;
data/bsdgames-2.17/snake/snake/snake.c:491:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  p.line = random() % lcnt;
data/bsdgames-2.17/snake/snake/snake.c:642:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  vp = ((random() >> 6) & 01777) % w;
data/bsdgames-2.17/snake/snake/snake.c:894:14: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bonus = ((random() >> 8) & 0377) % 10;
data/bsdgames-2.17/tetris/screen.c:175:14: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((term = getenv("TERM")) == NULL)
data/bsdgames-2.17/tetris/tetris.c:150:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "k:l:ps")) != -1)
data/bsdgames-2.17/tetris/tetris.c:205:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(getpid());
data/bsdgames-2.17/tetris/tetris.h:131:30: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define randshape() (&shapes[random() % 7])
data/bsdgames-2.17/trek/main.c:183:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(vect);
data/bsdgames-2.17/trek/setup.c:116:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(d);
data/bsdgames-2.17/worm/worm.c:105:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(getpid());
data/bsdgames-2.17/worms/worms.c:209:15: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "d:fl:n:t")) != -1)
data/bsdgames-2.17/worms/worms.c:334:23: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  op->opts[(int)random() % op->nopts];
data/bsdgames-2.17/wump/wump.c:151:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "a:b:hp:r:t:d")) != -1)
data/bsdgames-2.17/wump/wump.c:153:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "a:b:hp:r:t:")) != -1)
data/bsdgames-2.17/wump/wump.c:207:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bat_num += ((random() % (room_num / 2)) + 1);
data/bsdgames-2.17/wump/wump.c:208:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  pit_num += ((random() % (room_num / 2)) + 1);
data/bsdgames-2.17/wump/wump.c:308:6: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() % 15 == 1)
data/bsdgames-2.17/wump/wump.c:362:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() % 6 == 1) {
data/bsdgames-2.17/wump/wump.c:375:21: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  jump(next_room = (random() % room_num) + 1);
data/bsdgames-2.17/wump/wump.c:384:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() % 12 < 2) {
data/bsdgames-2.17/wump/wump.c:397:30: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  next_room = player_loc = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:449:23: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  arrow_location = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:453:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  link = (random() % link_num);
data/bsdgames-2.17/wump/wump.c:473:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  chance = random() % 10;
data/bsdgames-2.17/wump/wump.c:509:7: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() % level == EASY ? 12 : 9 < (lastchance += 2)) {
data/bsdgames-2.17/wump/wump.c:513:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  lastchance = random() % 3;
data/bsdgames-2.17/wump/wump.c:547:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((int)time((time_t *)0));
data/bsdgames-2.17/wump/wump.c:560:12: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  delta = (random() % (room_num - 1)) + 1;
data/bsdgames-2.17/wump/wump.c:573:21: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  try_again: link = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:579:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() % 2 == 1)
data/bsdgames-2.17/wump/wump.c:633:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  loc = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:644:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  loc = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:653:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  wumpus_loc = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:660:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  player_loc = (random() % room_num) + 1;
data/bsdgames-2.17/wump/wump.c:735:39: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  wumpus_loc = cave[wumpus_loc].tunnel[random() % link_num];
data/bsdgames-2.17/wump/wump.c:770:17: [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!(pager = getenv("PAGER")) || (*pager == 0))
data/bsdgames-2.17/adventure/init.c:140:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[6];
data/bsdgames-2.17/adventure/io.c:61:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char wd1buf[MAXSTR], wd2buf[MAXSTR];
data/bsdgames-2.17/adventure/io.c:258:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nbf[12];
data/bsdgames-2.17/adventure/io.c:273:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return (atoi(nbf)); /* convert it to integer */
data/bsdgames-2.17/adventure/io.c:346:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[12];
data/bsdgames-2.17/adventure/io.c:373:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(buf); /* newloc mod 1000 = newloc */
data/bsdgames-2.17/adventure/io.c:375:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(buf + len - 3);
data/bsdgames-2.17/adventure/io.c:377:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  m = atoi(buf);
data/bsdgames-2.17/adventure/io.c:421:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[6];
data/bsdgames-2.17/adventure/io.c:559:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tbuf, msg->seekadr, msg->txtlen + 1); /* Room to null */
data/bsdgames-2.17/adventure/io.c:570:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(numst) != 100 * skip && skip >= 0) {
data/bsdgames-2.17/adventure/save.c:140:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((out = fopen(outfile, "wb")) == NULL) {
data/bsdgames-2.17/adventure/save.c:169:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((in = fopen(infile, "rb")) == NULL) {
data/bsdgames-2.17/adventure/setup.c:87:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infile = fopen(argv[1], "r")) == NULL) {
data/bsdgames-2.17/adventure/wizard.c:75:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char magic[6];
data/bsdgames-2.17/adventure/wizard.c:132:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[80];
data/bsdgames-2.17/arithmetic/arithmetic.c:134:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ((rangemax = atoi(optarg)) <= 0)
data/bsdgames-2.17/arithmetic/arithmetic.c:201:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[80];
data/bsdgames-2.17/arithmetic/arithmetic.c:254:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(p) == result) {
data/bsdgames-2.17/atc/graphics.c:116:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[BUFSIZ];
data/bsdgames-2.17/atc/graphics.c:131:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[3];
data/bsdgames-2.17/atc/input.c:79:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[20];
data/bsdgames-2.17/atc/log.c:86:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char s[80];
data/bsdgames-2.17/atc/log.c:89:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(s, "%dd+%02dhrs", DAY(t), HOUR(t));
data/bsdgames-2.17/atc/log.c:91:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(s, "%d:%02d:%02d", HOUR(t), MIN(t), SEC(t));
data/bsdgames-2.17/atc/log.c:93:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(s, "%d:%02d", MIN(t), SEC(t));
data/bsdgames-2.17/atc/log.c:95:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(s, ":%02d", SEC(t));
data/bsdgames-2.17/atc/log.c:110:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  score_fd = open(_PATH_SCORE, O_CREAT|O_RDWR, 0664);
data/bsdgames-2.17/atc/log.c:217:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&score[num_scores - 1],
data/bsdgames-2.17/atc/main.c:102:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(optarg);
data/bsdgames-2.17/atc/main.c:123:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/bsdgames-2.17/atc/main.c:217:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  yyin = fopen(s, "r");
data/bsdgames-2.17/atc/main.c:235:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char file[256];
data/bsdgames-2.17/atc/main.c:236:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256], games[256];
data/bsdgames-2.17/atc/main.c:241:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(games, "r")) == NULL) {
data/bsdgames-2.17/atc/main.c:261:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char file[256];
data/bsdgames-2.17/atc/main.c:263:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256], games[256];
data/bsdgames-2.17/atc/main.c:268:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(games, "r")) == NULL) {
data/bsdgames-2.17/atc/main.c:296:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256], games[256];
data/bsdgames-2.17/atc/main.c:302:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(games, "r")) == NULL) {
data/bsdgames-2.17/atc/struct.h:98:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[10];
data/bsdgames-2.17/atc/struct.h:99:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[256];
data/bsdgames-2.17/atc/struct.h:100:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char game[256];
data/bsdgames-2.17/atc/update.c:202:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[80];
data/bsdgames-2.17/atc/update.c:204:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(buf, "collided with plane '%c'.",
data/bsdgames-2.17/atc/update.c:225:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[50], *bp, *comm_start;
data/bsdgames-2.17/atc/update.c:229:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(bp, "%c%d%c%c%d: ", name(pp), pp->altitude,
data/bsdgames-2.17/atc/update.c:235:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(bp, "Holding @ A%d", pp->orig_no);
data/bsdgames-2.17/atc/update.c:237:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(bp, "Circle");
data/bsdgames-2.17/atc/update.c:239:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(bp, "%d", dir_deg(pp->new_dir));
data/bsdgames-2.17/atc/update.c:243:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(bp, " @ B%d", pp->delayd_no);
data/bsdgames-2.17/atc/update.c:248:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(bp, "---------");
data/bsdgames-2.17/atc/update.c:366:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pp, &p, sizeof (p));
data/bsdgames-2.17/backgammon/backgammon/extra.c:125:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  trace = fopen("bgtrace", "w");
data/bsdgames-2.17/backgammon/backgammon/main.c:90:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char pbuf[10];
data/bsdgames-2.17/backgammon/backgammon/move.c:46:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char tests[20];
data/bsdgames-2.17/backgammon/backgammon/move.c:381:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  trace = fopen("bgtrace", "w");
data/bsdgames-2.17/backgammon/backgammon/move.c:421:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  trace = fopen("bgtrace", "w");
data/bsdgames-2.17/backgammon/common_source/back.h:72:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char args[100]; /* args passed to teachgammon and back */
data/bsdgames-2.17/backgammon/common_source/back.h:115:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char cin[100]; /* input line of current move
data/bsdgames-2.17/backgammon/common_source/board.c:44:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ln[60];
data/bsdgames-2.17/backgammon/common_source/fancy.c:71:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[1024]; /* buffer for decoded termcap entries */
data/bsdgames-2.17/backgammon/common_source/fancy.c:695:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tentry[1024]; /* temporary uncoded caps buffer */
data/bsdgames-2.17/backgammon/common_source/init.c:54:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char args[100] = "-";
data/bsdgames-2.17/backgammon/common_source/init.c:75:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char args[100];
data/bsdgames-2.17/backgammon/common_source/init.c:79:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cin[100];
data/bsdgames-2.17/backgammon/common_source/save.c:62:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[50];
data/bsdgames-2.17/backgammon/common_source/save.c:93:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fdesc = open(fname, O_RDWR)) == -1 && errno == ENOENT) {
data/bsdgames-2.17/backgammon/common_source/save.c:153:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fdesc = open(s, O_RDONLY)) == -1)
data/bsdgames-2.17/backgammon/common_source/subs.c:44:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outbuff[BUFSIZ];
data/bsdgames-2.17/backgammon/common_source/subs.c:142:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  trace = fopen("bgtrace", "w");
data/bsdgames-2.17/backgammon/teachgammon/tutor.h:42:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const (*com[8]);
data/bsdgames-2.17/banner/banner.c:90:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char data_table[NBYTES] = {
data/bsdgames-2.17/banner/banner.c:1022:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[DWIDTH];
data/bsdgames-2.17/banner/banner.c:1023:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[MAXMSG];
data/bsdgames-2.17/banner/banner.c:1024:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char print[DWIDTH];
data/bsdgames-2.17/banner/banner.c:1050:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  width = atoi(optarg);
data/bsdgames-2.17/battlestar/battlestar.c:62:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mainbuf[LINELENGTH];
data/bsdgames-2.17/battlestar/command6.c:109:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  score_fp = fopen(_PATH_SCORE, "a");
data/bsdgames-2.17/battlestar/command7.c:49:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char auxbuf[LINELENGTH];
data/bsdgames-2.17/battlestar/cypher.c:49:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[10];
data/bsdgames-2.17/battlestar/extern.h:259:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *const objdes[NUMOFOBJECTS];
data/bsdgames-2.17/battlestar/extern.h:260:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *const objsht[NUMOFOBJECTS];
data/bsdgames-2.17/battlestar/extern.h:261:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char *const ouch[NUMOFINJURIES];
data/bsdgames-2.17/battlestar/extern.h:278:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char words[NWORD][WORDLEN];
data/bsdgames-2.17/battlestar/extern.h:309:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char beenthere[NUMOFROOMS + 1];
data/bsdgames-2.17/battlestar/extern.h:310:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char injuries[NUMOFINJURIES];
data/bsdgames-2.17/battlestar/globals.c:46:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const objdes[NUMOFOBJECTS] = {
data/bsdgames-2.17/battlestar/globals.c:114:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const objsht[NUMOFOBJECTS] = {
data/bsdgames-2.17/battlestar/globals.c:181:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const ouch[NUMOFINJURIES] = {
data/bsdgames-2.17/battlestar/globals.c:246:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char words[NWORD][WORDLEN];
data/bsdgames-2.17/battlestar/globals.c:272:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char beenthere[NUMOFROOMS + 1];
data/bsdgames-2.17/battlestar/globals.c:273:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char injuries[NUMOFINJURIES];
data/bsdgames-2.17/battlestar/parse.c:162:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpword[WORDLEN];
data/bsdgames-2.17/battlestar/save.c:53:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(filename, "r")) == 0) {
data/bsdgames-2.17/battlestar/save.c:106:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(filename, "w")) == NULL) {
data/bsdgames-2.17/battlestar/save.c:173:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newname, filename, len);
data/bsdgames-2.17/battlestar/save.c:184:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newname, home, tmpl);
data/bsdgames-2.17/battlestar/save.c:186:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newname + tmpl + 1, filename, len);
data/bsdgames-2.17/battlestar/save.c:194:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newname, filename, len);
data/bsdgames-2.17/bcd/bcd.c:135:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cardline[80];
data/bsdgames-2.17/boggle/boggle/bog.c:95:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char board[17];
data/bsdgames-2.17/boggle/boggle/bog.c:100:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *pword[MAXPWORDS];
data/bsdgames-2.17/boggle/boggle/bog.c:101:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pwords[MAXPSPACE], *pwordsp;
data/bsdgames-2.17/boggle/boggle/bog.c:104:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *mword[MAXMWORDS];
data/bsdgames-2.17/boggle/boggle/bog.c:105:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mwords[MAXMSPACE], *mwordsp;
data/bsdgames-2.17/boggle/boggle/bog.c:152:11: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atol(optarg);
data/bsdgames-2.17/boggle/boggle/bog.c:155:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ((tlimit = atoi(optarg)) < 1)
data/bsdgames-2.17/boggle/boggle/bog.c:159:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ((minlength = atoi(optarg)) < 3)
data/bsdgames-2.17/boggle/boggle/bog.c:317:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXWORDLEN + 1];
data/bsdgames-2.17/boggle/boggle/bog.c:455:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subword[MAXWORDLEN + 1];
data/bsdgames-2.17/boggle/boggle/bog.c:639:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *cubes[16] = {
data/bsdgames-2.17/boggle/boggle/help.c:57:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];
data/bsdgames-2.17/boggle/boggle/help.c:59:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(HELPFILE, "r")) == NULL)
data/bsdgames-2.17/boggle/boggle/mach.c:406:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXWORDLEN + 1];
data/bsdgames-2.17/boggle/boggle/word.c:73:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[MAXWORDLEN + 1];
data/bsdgames-2.17/boggle/boggle/word.c:132:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(dict, "r")) == NULL)
data/bsdgames-2.17/boggle/boggle/word.c:192:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];
data/bsdgames-2.17/boggle/boggle/word.c:195:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(indexfile, "r")) == NULL) {
data/bsdgames-2.17/boggle/boggle/word.c:210:24: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dictindex[j].start = atol(buf + 1);
data/bsdgames-2.17/boggle/boggle/word.c:211:25: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dictindex[j].length = atol(buf + 9) - dictindex[j].start;
data/bsdgames-2.17/boggle/mkdict/mkdict.c:72:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2][MAXWORDLEN + 1];
data/bsdgames-2.17/boggle/mkdict/mkdict.c:106:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (argc == 2 && nwords % atoi(argv[1]))
data/bsdgames-2.17/boggle/mkindex/mkindex.c:60:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXWORDLEN + 1];
data/bsdgames-2.17/boggle/mkindex/mkindex.c:106:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[MAXWORDLEN + 1];
data/bsdgames-2.17/caesar/caesar.c:156:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ((rot = atoi(arg)) < 0)
data/bsdgames-2.17/canfield/canfield/canfield.c:158:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suitmap[4] = {spades, clubs, hearts, diamonds};
data/bsdgames-2.17/canfield/canfield/canfield.c:159:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colormap[4] = {black, black, red, red};
data/bsdgames-2.17/canfield/canfield/canfield.c:160:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pilemap[4] = {atabcol, btabcol, ctabcol, dtabcol};
data/bsdgames-2.17/canfield/canfield/canfield.c:1370:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[2] = { '\0', '\0'}, ch;
data/bsdgames-2.17/canfield/canfield/canfield.c:1682:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  dbfd = open(_PATH_SCORE, O_RDWR);
data/bsdgames-2.17/canfield/cfscores/cfscores.c:87:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  dbfd = open(_PATH_SCORE, O_RDONLY);
data/bsdgames-2.17/cribbage/crib.c:72:6: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(_PATH_LOG, "a");
data/bsdgames-2.17/cribbage/extern.c:51:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char explan[128]; /* explanation */
data/bsdgames-2.17/cribbage/instr.c:66:16: [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead.
  switch (pid = vfork()) {
data/bsdgames-2.17/cribbage/instr.c:80:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(_PATH_INSTR, O_RDONLY)) == -1) {
data/bsdgames-2.17/cribbage/io.c:61:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linebuf[LINESIZE];
data/bsdgames-2.17/cribbage/io.c:63:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const rankname[RANKS] = {
data/bsdgames-2.17/cribbage/io.c:68:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const rankchar[RANKS] = {
data/bsdgames-2.17/cribbage/io.c:72:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const suitname[SUITS] = {"SPADES", "HEARTS", "DIAMONDS", "CLUBS"};
data/bsdgames-2.17/cribbage/io.c:74:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *const suitchar[SUITS] = {"S", "H", "D", "C"};
data/bsdgames-2.17/cribbage/io.c:381:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Msgbuf[BUFSIZ] = {'\0'};
data/bsdgames-2.17/cribbage/score.c:119:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/bsdgames-2.17/cribbage/score.c:131:6: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, "His Nobs");
data/bsdgames-2.17/cribbage/score.c:138:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, ", ");
data/bsdgames-2.17/cribbage/score.c:142:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, "Five-flush");
data/bsdgames-2.17/cribbage/score.c:147:6: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, ", Four-flush");
data/bsdgames-2.17/cribbage/score.c:149:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(explan, "Four-flush");
data/bsdgames-2.17/cribbage/score.c:153:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, ", ");
data/bsdgames-2.17/cribbage/score.c:160:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(buf, "%d points in fifteens", i);
data/bsdgames-2.17/cribbage/score.c:163:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, "No fifteens");
data/bsdgames-2.17/cribbage/score.c:169:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(buf, ", %d points in pairs, %d in runs",
data/bsdgames-2.17/cribbage/score.c:173:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(explan, ", No pairs/runs");
data/bsdgames-2.17/cribbage/support.c:131:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char prompt[BUFSIZ];
data/bsdgames-2.17/dab/board.cc:80:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(_b[y], b._b[y], _tx * sizeof(int));
data/bsdgames-2.17/dab/main.cc:127:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nn = atoi(optarg);
data/bsdgames-2.17/dab/main.cc:142:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ny = nx = atoi(argv[optind]);
data/bsdgames-2.17/dab/main.cc:146:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nx = atoi(argv[optind]);
data/bsdgames-2.17/dab/main.cc:147:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ny = atoi(argv[optind+1]);
data/bsdgames-2.17/dm/dm.c:113:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pbuf[MAXPATHLEN];
data/bsdgames-2.17/dm/dm.c:130:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lbuf[BUFSIZ], f1[40], f2[40], f3[40], f4[40], f5[40];
data/bsdgames-2.17/dm/dm.c:132:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(cfp = fopen(_PATH_CONFIG, "r")))
data/bsdgames-2.17/dm/dm.c:178:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  start = atoi(s_start);
data/bsdgames-2.17/dm/dm.c:179:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  stop = atoi(s_stop);
data/bsdgames-2.17/dm/dm.c:224:41: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isdigit((unsigned char)*s_load) && atoi(s_load) < load())
data/bsdgames-2.17/dm/dm.c:226:42: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isdigit((unsigned char)*s_users) && atoi(s_users) <= users())
data/bsdgames-2.17/dm/dm.c:229:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  priority = atoi(s_priority);
data/bsdgames-2.17/dm/dm.c:271:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];
data/bsdgames-2.17/dm/dm.c:273:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(_PATH_NOGAMES, O_RDONLY, 0)) >= 0) {
data/bsdgames-2.17/dm/dm.c:314:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (lp = fopen(_PATH_LOG, "a")) {
data/bsdgames-2.17/dm/utmpentry.h:40:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[65];
data/bsdgames-2.17/dm/utmpentry.h:41:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[65];
data/bsdgames-2.17/dm/utmpentry.h:42:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[257];
data/bsdgames-2.17/factor/factor.c:139:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *p, buf[LINE_MAX]; /* > max number of digits. */
data/bsdgames-2.17/fish/fish.c:157:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/bsdgames-2.17/fish/fish.c:471:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(_PATH_INSTR, O_RDONLY)) == -1)
data/bsdgames-2.17/fortune/fortune/fortune.c:197:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Re_error[1024];
data/bsdgames-2.17/fortune/fortune/fortune.c:300:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[BUFSIZ];
data/bsdgames-2.17/fortune/fortune/fortune.c:321:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[BUFSIZ];
data/bsdgames-2.17/fortune/fortune/fortune.c:550:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(path, O_RDONLY)) < 0) {
data/bsdgames-2.17/fortune/fortune/fortune.c:665:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  return strcat(new, "-o");
data/bsdgames-2.17/fortune/fortune/fortune.c:703:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(offensive, O_RDONLY)) < 0)
data/bsdgames-2.17/fortune/fortune/fortune.c:846:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(datfile, ".dat");
data/bsdgames-2.17/fortune/fortune/fortune.c:859:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(*posp, ".pos");
data/bsdgames-2.17/fortune/fortune/fortune.c:1123:36: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (fp->datfd < 0 && (fp->datfd = open(fp->datfile, O_RDONLY)) < 0)
data/bsdgames-2.17/fortune/fortune/fortune.c:1143:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(fp->posfile, O_RDONLY)) < 0 ||
data/bsdgames-2.17/fortune/fortune/fortune.c:1174:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(fp->datfile, O_RDONLY)) < 0)
data/bsdgames-2.17/fortune/strfile/strfile.c:72:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char c[4];
data/bsdgames-2.17/fortune/strfile/strfile.c:79:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&rv, c, sizeof rv);
data/bsdgames-2.17/fortune/strfile/strfile.c:184:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char string[257];
data/bsdgames-2.17/fortune/strfile/strfile.c:192:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((inf = fopen(Infile, "r")) == NULL)
data/bsdgames-2.17/fortune/strfile/strfile.c:195:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outf = fopen(Outfile, "w")) == NULL)
data/bsdgames-2.17/fortune/strfile/strfile.c:337:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(Outfile, ".dat");
data/bsdgames-2.17/fortune/strfile/strfile.c:399:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Sort_1 = fopen(Infile, "r");
data/bsdgames-2.17/fortune/strfile/strfile.c:400:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Sort_2 = fopen(Infile, "r");
data/bsdgames-2.17/fortune/strfile/strfile.c:503:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char c[8];
data/bsdgames-2.17/fortune/strfile/strfile.h:52:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char stuff[4]; /* long aligned space */
data/bsdgames-2.17/fortune/unstr/unstr.c:95:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((Inf = fopen(Infile, "r")) == NULL)
data/bsdgames-2.17/fortune/unstr/unstr.c:97:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((Dataf = fopen(Datafile, "r")) == NULL)
data/bsdgames-2.17/fortune/unstr/unstr.c:126:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(Datafile, ".dat");
data/bsdgames-2.17/fortune/unstr/unstr.c:136:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];
data/bsdgames-2.17/gomoku/main.c:70:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char pdir[4] = "-\\|/";
data/bsdgames-2.17/gomoku/main.c:71:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmtbuf[128];
data/bsdgames-2.17/gomoku/main.c:80:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *plyr[2]; /* who's who */
data/bsdgames-2.17/gomoku/main.c:89:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/bsdgames-2.17/gomoku/main.c:92:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *const fmt[2] = {
data/bsdgames-2.17/gomoku/main.c:117:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((debugfp = fopen(optarg, "w")) == NULL)
data/bsdgames-2.17/gomoku/main.c:131:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((inputfp = fopen(*argv, "r")) == NULL)
data/bsdgames-2.17/gomoku/main.c:260:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(buf, "w")) == NULL) {
data/bsdgames-2.17/gomoku/main.c:320:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(buf, "w")) == NULL) {
data/bsdgames-2.17/gomoku/main.c:379:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "Debug set to %d", debug);
data/bsdgames-2.17/gomoku/main.c:408:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(fmtbuf + 1, "w")) == NULL)
data/bsdgames-2.17/gomoku/pickmove.c:320:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(forcemap, tmpmap, sizeof(tmpmap));
data/bsdgames-2.17/gomoku/pickmove.c:337:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "%cL%d %d %d %d", "BW"[color],
data/bsdgames-2.17/gomoku/pickmove.c:396:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "scanframes: %c combocnt %d", "BW"[color],
data/bsdgames-2.17/gomoku/pickmove.c:402:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "scanframes: %c elistcnt %d", "BW"[color],
data/bsdgames-2.17/gomoku/pickmove.c:512:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "%c c %d %d m %x %x o %d %d",
data/bsdgames-2.17/gomoku/pickmove.c:764:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "%c v%d i%d d%d c %d %d m %x %x o %d %d",
data/bsdgames-2.17/gomoku/pickmove.c:811:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "E%c ", "bw"[curcolor]);
data/bsdgames-2.17/gomoku/pickmove.c:1035:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(forcemap, tmpmap, sizeof(tmpmap));
data/bsdgames-2.17/gomoku/pickmove.c:1296:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtbuf, "sort1: n%d", n);
data/bsdgames-2.17/gomoku/pickmove.c:1344:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%x/%d", cbp->c_combo.s, cbp->c_nframes);
data/bsdgames-2.17/gomoku/pickmove.c:1471:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  clearcombo(cbp, open)
data/bsdgames-2.17/gomoku/pickmove.c:1473:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int open;
data/bsdgames-2.17/gomoku/pickmove.c:1486:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  n = open ? 6 : 5;
data/bsdgames-2.17/gomoku/stoc.c:69:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[32];
data/bsdgames-2.17/gomoku/stoc.c:75:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%c%d", letters[s % BSZ1], s / BSZ1);
data/bsdgames-2.17/gomoku/stoc.c:93:6: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(&mp[1]);
data/bsdgames-2.17/hack/def.eshk.h:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char customer[PL_NSIZ]; /* most recent customer */
data/bsdgames-2.17/hack/def.eshk.h:86:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shknam[PL_NSIZ];
data/bsdgames-2.17/hack/hack.Decl.c:70:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nul[40]; /* contains zeros */
data/bsdgames-2.17/hack/hack.Decl.c:71:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plname[PL_NSIZ];/* player name */
data/bsdgames-2.17/hack/hack.Decl.c:72:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lock[PL_NSIZ + 4] = "1lock"; /* long enough for login name
data/bsdgames-2.17/hack/hack.Decl.c:102:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char genocided[60];
data/bsdgames-2.17/hack/hack.Decl.c:103:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fut_geno[60];
data/bsdgames-2.17/hack/hack.apply.c:449:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirsyms[12];
data/bsdgames-2.17/hack/hack.bones.c:91:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(bones, O_RDONLY)) >= 0) {
data/bsdgames-2.17/hack/hack.bones.c:158:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(bones, O_RDONLY)) < 0)
data/bsdgames-2.17/hack/hack.cmd.c:229:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expcmd[10];
data/bsdgames-2.17/hack/hack.cmd.c:249:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.do.c:245:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(lock, O_RDONLY)) < 0) {
data/bsdgames-2.17/hack/hack.do_name.c:117:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.do_name.c:174:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.do_name.c:240:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.do_name.c:274:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFSZ]; /* %% */
data/bsdgames-2.17/hack/hack.do_name.c:304:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(buf, " called ");
data/bsdgames-2.17/hack/hack.do_name.c:340:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFSZ]; /* %% */
data/bsdgames-2.17/hack/hack.do_name.c:375:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ccc[3];
data/bsdgames-2.17/hack/hack.eat.c:332:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char msgbuf[BUFSZ];
data/bsdgames-2.17/hack/hack.end.c:131:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.end.c:313:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[NAMSZ + 1];
data/bsdgames-2.17/hack/hack.end.c:314:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char death[DTHSZ + 1];
data/bsdgames-2.17/hack/hack.end.c:315:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date[7];/* yymmdd */
data/bsdgames-2.17/hack/hack.end.c:343:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(rfile = fopen(recfile, "r"))) {
data/bsdgames-2.17/hack/hack.end.c:422:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(rfile = fopen(recfile, "w"))) {
data/bsdgames-2.17/hack/hack.end.c:487:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linebuf[BUFSZ];
data/bsdgames-2.17/hack/hack.end.c:489:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(linebuf, "Number Points Name");
data/bsdgames-2.17/hack/hack.end.c:493:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(bp, "Hp [max]");
data/bsdgames-2.17/hack/hack.end.c:502:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linebuf[BUFSZ];
data/bsdgames-2.17/hack/hack.end.c:549:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hpbuf[10];
data/bsdgames-2.17/hack/hack.end.c:581:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[12];
data/bsdgames-2.17/hack/hack.end.c:658:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char totchars[10];
data/bsdgames-2.17/hack/hack.end.c:668:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(rfile = fopen(recfile, "r"))) {
data/bsdgames-2.17/hack/hack.end.c:721:42: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  (digit(players[i][0]) && rank <= atoi(players[i])))
data/bsdgames-2.17/hack/hack.end.c:758:42: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  (digit(players[i][0]) && rank <= atoi(players[i]))) {
data/bsdgames-2.17/hack/hack.engrave.c:211:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.fight.c:99:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.fight.c:198:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.h:203:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char fut_geno[60]; /* idem */
data/bsdgames-2.17/hack/hack.h:204:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char genocided[60]; /* defined in Decl.c */
data/bsdgames-2.17/hack/hack.h:209:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char plname[PL_NSIZ], pl_character[PL_CSIZ];
data/bsdgames-2.17/hack/hack.invent.c:399:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.invent.c:400:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lets[BUFSZ];
data/bsdgames-2.17/hack/hack.invent.c:572:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.invent.c:577:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char olets[20], ilets[20];
data/bsdgames-2.17/hack/hack.invent.c:728:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char li[BUFSZ];
data/bsdgames-2.17/hack/hack.invent.c:752:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char any[BUFSZ];
data/bsdgames-2.17/hack/hack.invent.c:782:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stuff[BUFSZ];
data/bsdgames-2.17/hack/hack.invent.c:892:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gbuf[30];
data/bsdgames-2.17/hack/hack.invent.c:999:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lets[6];
data/bsdgames-2.17/hack/hack.invent.c:1024:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lets[3];
data/bsdgames-2.17/hack/hack.main.c:91:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char SAVEF[PL_NSIZ + 11] = "save/"; /* save/99999player */
data/bsdgames-2.17/hack/hack.main.c:93:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char obuf[BUFSIZ]; /* BUFSIZ is defined in stdio.h */
data/bsdgames-2.17/hack/hack.main.c:109:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/null", O_RDONLY);
data/bsdgames-2.17/hack/hack.main.c:244:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  locknum = atoi(argv[1]);
data/bsdgames-2.17/hack/hack.main.c:260:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(plname, "wizard");
data/bsdgames-2.17/hack/hack.main.c:313:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(SAVEF, O_RDONLY)) >= 0 &&
data/bsdgames-2.17/hack/hack.main.c:489:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(tf, ".%d", foo);
data/bsdgames-2.17/hack/hack.main.c:571:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(RECORD, O_RDWR)) < 0) {
data/bsdgames-2.17/hack/hack.objnam.c:95:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[13];
data/bsdgames-2.17/hack/hack.objnam.c:104:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.objnam.c:155:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bufr[BUFSZ];
data/bsdgames-2.17/hack/hack.objnam.c:320:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[PREFIX];
data/bsdgames-2.17/hack/hack.objnam.c:382:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[PREFIX];
data/bsdgames-2.17/hack/hack.objnam.c:443:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cnt = atoi(bp);
data/bsdgames-2.17/hack/hack.objnam.c:454:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  spe = atoi(bp);
data/bsdgames-2.17/hack/hack.objnam.c:467:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  spe = atoi(p);
data/bsdgames-2.17/hack/hack.options.c:182:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num = atoi(op);
data/bsdgames-2.17/hack/hack.options.c:242:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.options.c:247:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(buf, "HACKOPTIONS=");
data/bsdgames-2.17/hack/hack.options.c:250:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(buf, "standout,");
data/bsdgames-2.17/hack/hack.options.c:252:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant string.
  (void) strcat(buf, "nonull,");
data/bsdgames-2.17/hack/hack.options.c:254:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(buf, "nonews,");
data/bsdgames-2.17/hack/hack.options.c:256:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(buf, "time,");
data/bsdgames-2.17/hack/hack.options.c:258:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(buf, "notombstone,");
data/bsdgames-2.17/hack/hack.options.c:260:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  (void) strcat(buf, "!rest_on_space,");
data/bsdgames-2.17/hack/hack.options.c:262:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(eos(buf), "endgame: %u topscores/%u around me",
data/bsdgames-2.17/hack/hack.options.c:265:12: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant string.
  (void) strcat(buf, "/own scores");
data/bsdgames-2.17/hack/hack.pager.c:86:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bufr[BUFSZ + 6];
data/bsdgames-2.17/hack/hack.pager.c:89:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fp = fopen(DATAFILE, "r")))
data/bsdgames-2.17/hack/hack.pager.c:374:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(fnam, O_RDONLY);
data/bsdgames-2.17/hack/hack.pager.c:405:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(fnam, "r")) == (FILE *) 0) {
data/bsdgames-2.17/hack/hack.pri.c:718:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char oldbot[100], newbot[100];
data/bsdgames-2.17/hack/hack.pri.c:738:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(newbot,
data/bsdgames-2.17/hack/hack.pri.c:742:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(newbot,
data/bsdgames-2.17/hack/hack.pri.c:748:11: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    (void) strcat(newbot, "18/**");
data/bsdgames-2.17/hack/hack.pri.c:750:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(eos(newbot), "18/%02d", u.ustr - 18);
data/bsdgames-2.17/hack/hack.pri.c:752:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(eos(newbot), "%-2d ", u.ustr);
data/bsdgames-2.17/hack/hack.pri.c:754:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(eos(newbot), " Exp %2d/%-5lu ", u.ulevel, u.uexp);
data/bsdgames-2.17/hack/hack.pri.c:756:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(eos(newbot), " Exp %2u ", u.ulevel);
data/bsdgames-2.17/hack/hack.pri.c:760:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(eos(newbot), " %ld", moves);
data/bsdgames-2.17/hack/hack.read.c:253:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.rip.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.rip.c:97:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(buf, "%ld AU", u.ugold);
data/bsdgames-2.17/hack/hack.rip.c:121:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(buf, "%4d", getyear());
data/bsdgames-2.17/hack/hack.rumors.c:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[COLNO];
data/bsdgames-2.17/hack/hack.rumors.c:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[COLNO];
data/bsdgames-2.17/hack/hack.rumors.c:124:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    (rumf = fopen(RUMORFILE, "r")) == (FILE *) 0)
data/bsdgames-2.17/hack/hack.save.c:137:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((ofd = open(lock, O_RDONLY)) < 0) {
data/bsdgames-2.17/hack/hack.shk.c:806:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.shk.c:846:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(&buf[cnt], " %5ld zorkmids", thisused);
data/bsdgames-2.17/hack/hack.shk.c:851:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(buf, "Total:%50ld zorkmids", totused);
data/bsdgames-2.17/hack/hack.shknam.c:225:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    (void) strcpy(nampt, "Dirk");
data/bsdgames-2.17/hack/hack.termcap.c:79:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char tbuf[512];
data/bsdgames-2.17/hack/hack.topl.c:73:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char toplines[BUFSZ];
data/bsdgames-2.17/hack/hack.topl.c:217:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char pbuf[BUFSZ];
data/bsdgames-2.17/hack/hack.topl.c:238:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    (void) strcat(toplines, " ");
data/bsdgames-2.17/hack/hack.trap.c:484:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.trap.c:490:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    newlevel = atoi(buf);
data/bsdgames-2.17/hack/hack.tty.c:317:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char inputline[COLNO];
data/bsdgames-2.17/hack/hack.u_init.c:81:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char pl_character[PL_CSIZ];
data/bsdgames-2.17/hack/hack.u_init.c:88:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char rolesyms[NR_OF_ROLES + 1]; /* filled by u_init() */
data/bsdgames-2.17/hack/hack.u_init.c:398:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    type = atoi(ep);
data/bsdgames-2.17/hack/hack.unix.c:123:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char datestr[7];
data/bsdgames-2.17/hack/hack.unix.c:126:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(datestr, "%02d%02d%02d",
data/bsdgames-2.17/hack/hack.unix.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char filename[MAXPATHLEN + 1];
data/bsdgames-2.17/hack/hack.unix.c:307:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((fd = open(lock, O_RDONLY)) == -1) {
data/bsdgames-2.17/hack/hack.vault.c:177:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSZ];
data/bsdgames-2.17/hack/hack.zap.c:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSZ];
data/bsdgames-2.17/hack/makedefs.c:80:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char string[STRSZ];
data/bsdgames-2.17/hack/makedefs.c:104:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((fd = open(argv[1], O_RDONLY)) < 0) {
data/bsdgames-2.17/hack/makedefs.c:143:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[LINSZ], *lp = line, *lp0 = line, *lpe = line;
data/bsdgames-2.17/hack/makedefs.c:214:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char identif[NSZ], *ip;
data/bsdgames-2.17/hangman/extern.c:45:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char Word[BUFSIZ], Known[BUFSIZ];
data/bsdgames-2.17/hangman/main.c:68:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    Minlen = atoi(optarg);
data/bsdgames-2.17/hangman/setup.c:71:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((Dict = fopen(Dict_name, "r")) == NULL) {
data/bsdgames-2.17/hunt/hunt/hunt.c:87:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char Buf[BUFSIZ];
data/bsdgames-2.17/hunt/hunt/hunt.c:105:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char map_key[256]; /* what to map keys to */
data/bsdgames-2.17/hunt/hunt/hunt.c:108:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char name[NAMELEN];
data/bsdgames-2.17/hunt/hunt/hunt.c:187:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    Test_port = atoi(use_port);
data/bsdgames-2.17/hunt/hunt/hunt.c:412:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&(*vector)[vec_cnt++], ip->ifa_broadaddr,
data/bsdgames-2.17/hunt/hunt/hunt.c:429:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char local_name[MAXHOSTNAMELEN + 1];
data/bsdgames-2.17/hunt/hunt/hunt.c:617:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[80];
data/bsdgames-2.17/hunt/hunt/hunt.c:628:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(buf, "%8c %.64s", 'a' + i,
data/bsdgames-2.17/hunt/hunt/hunt.c:664:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSIZ];
data/bsdgames-2.17/hunt/hunt/hunt.c:1039:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    Test_port = atoi(use_port);
data/bsdgames-2.17/hunt/hunt/otto.c:74:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    extern char screen[SCREEN_HEIGHT][SCREEN_WIDTH2];
data/bsdgames-2.17/hunt/hunt/otto.c:112:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    STATIC char command[BUFSIZ];
data/bsdgames-2.17/hunt/hunt/otto.c:142:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    STATIC char been_there[HEIGHT][WIDTH2];
data/bsdgames-2.17/hunt/hunt/otto.c:173:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    debug = fopen("bug", "w");
data/bsdgames-2.17/hunt/hunt/otto.c:447:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(flbr, items, sizeof flbr);
data/bsdgames-2.17/hunt/hunt/playit.c:71:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char screen[SCREEN_HEIGHT][SCREEN_WIDTH2], blanks[SCREEN_WIDTH];
data/bsdgames-2.17/hunt/hunt/playit.c:90:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char ibuf[256], *iptr = ibuf;
data/bsdgames-2.17/hunt/hunt/playit.c:286:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char inp[sizeof Buf];
data/bsdgames-2.17/hunt/hunt/playit.c:380:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char buf[WIDTH + WIDTH % 2];
data/bsdgames-2.17/hunt/hunt/playit.c:551:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(screen[i], blanks, SCREEN_WIDTH);
data/bsdgames-2.17/hunt/hunt/playit.c:584:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&screen[cur_row][cur_col], blanks, SCREEN_WIDTH - cur_col);
data/bsdgames-2.17/hunt/huntd/answer.c:48:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char Ttyname[NAMELEN];
data/bsdgames-2.17/hunt/huntd/answer.c:56:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char name[NAMELEN];
data/bsdgames-2.17/hunt/huntd/answer.c:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSIZ + 1];
data/bsdgames-2.17/hunt/huntd/answer.c:207:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(pp->p_maze, Maze, sizeof Maze);
data/bsdgames-2.17/hunt/huntd/answer.c:211:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.5s%c%-10.10s %c", " ", stat_char(pp),
data/bsdgames-2.17/hunt/huntd/answer.c:315:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.2f%c%-10.10s %c", newpp->p_ident->i_score,
data/bsdgames-2.17/hunt/huntd/answer.c:321:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char smallbuf[10];
data/bsdgames-2.17/hunt/huntd/answer.c:327:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(smallbuf, "%3d", pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/draw.c:82:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/draw.c:93:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%2d/%2d", pp->p_damage, pp->p_damcap);
data/bsdgames-2.17/hunt/huntd/draw.c:99:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", (pp->p_damcap - MAXDAM) / 2);
data/bsdgames-2.17/hunt/huntd/draw.c:106:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.2f%c%-10.10s %c", np->p_ident->i_score,
data/bsdgames-2.17/hunt/huntd/draw.c:117:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.5s %-10.10s %c", " ",
data/bsdgames-2.17/hunt/huntd/draw.c:270:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    ch = ((char *) Maze)[index];
data/bsdgames-2.17/hunt/huntd/driver.c:117:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    Test_port = atoi(optarg);
data/bsdgames-2.17/hunt/huntd/driver.c:502:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%2d", ouch->p_damage);
data/bsdgames-2.17/hunt/huntd/driver.c:584:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%2d/%2d", gotcha->p_damage, gotcha->p_damcap);
data/bsdgames-2.17/hunt/huntd/driver.c:587:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", (gotcha->p_damcap - MAXDAM) / 2);
data/bsdgames-2.17/hunt/huntd/driver.c:590:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.2f", gotcha->p_ident->i_score);
data/bsdgames-2.17/hunt/huntd/driver.c:756:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(pp, End_player, sizeof (PLAYER));
data/bsdgames-2.17/hunt/huntd/driver.c:759:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.2f%c%-10.10s %c",
data/bsdgames-2.17/hunt/huntd/driver.c:795:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(pp, End_monitor, sizeof (PLAYER));
data/bsdgames-2.17/hunt/huntd/driver.c:798:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%5.5s %-10.10s %c", " ",
data/bsdgames-2.17/hunt/huntd/execute.c:67:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    (void) strcpy(pp->p_death, "| Quit |");
data/bsdgames-2.17/hunt/huntd/execute.c:92:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    (void) strcpy(pp->p_death, "| Quit |");
data/bsdgames-2.17/hunt/huntd/execute.c:185:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    (void) strcpy(pp->p_death, "| Quit |");
data/bsdgames-2.17/hunt/huntd/execute.c:369:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/execute.c:418:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/execute.c:539:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", --pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/execute.c:563:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", --pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/execute.c:603:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(Buf, "%3d", pp->p_ammo);
data/bsdgames-2.17/hunt/huntd/extern.c:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char Buf[BUFSIZ]; /* general scribbling buffer */
data/bsdgames-2.17/hunt/huntd/extern.c:45:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char Maze[HEIGHT][WIDTH2]; /* the maze */
data/bsdgames-2.17/hunt/huntd/extern.c:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char Orig_maze[HEIGHT][WIDTH2]; /* the original maze */
data/bsdgames-2.17/hunt/huntd/faketalk.c:91:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[BUFSIZ];
data/bsdgames-2.17/hunt/huntd/get_names.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char hostname[MAXHOSTNAMELEN + 1];
data/bsdgames-2.17/hunt/huntd/get_names.c:97:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&my_machine_addr, hp->h_addr, hp->h_length);
data/bsdgames-2.17/hunt/huntd/get_names.c:155:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&his_machine_addr, &my_machine_addr,
data/bsdgames-2.17/hunt/huntd/get_names.c:162:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&his_machine_addr, hp->h_addr, hp->h_length);
data/bsdgames-2.17/hunt/huntd/hunt.h:292:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char i_name[NAMELEN];
data/bsdgames-2.17/hunt/huntd/hunt.h:335:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char p_death[MSGLEN];
data/bsdgames-2.17/hunt/huntd/hunt.h:336:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char p_maze[HEIGHT][WIDTH2]; data/bsdgames-2.17/hunt/huntd/hunt.h:339:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_cbuf[BUFSIZ]; data/bsdgames-2.17/hunt/huntd/hunt.h:372:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char Buf[BUFSIZ], Maze[HEIGHT][WIDTH2], Orig_maze[HEIGHT][WIDTH2]; data/bsdgames-2.17/hunt/huntd/hunt.h:412:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char map_key[256]; data/bsdgames-2.17/hunt/huntd/makemaze.c:232:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(Orig_maze, Maze, sizeof Maze); data/bsdgames-2.17/hunt/huntd/shots.c:319:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(Buf, "%3d", pp->p_ammo); data/bsdgames-2.17/hunt/huntd/shots.c:500:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf(Buf, "%3d", pp->p_ammo); data/bsdgames-2.17/hunt/huntd/talk_ctl.h:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char l_name[NAME_SIZE]; data/bsdgames-2.17/hunt/huntd/talk_ctl.h:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char r_name[NAME_SIZE]; data/bsdgames-2.17/hunt/huntd/talk_ctl.h:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char r_tty[TTY_SIZE]; data/bsdgames-2.17/lib/getloadavg.c:42:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("/proc/loadavg", "r"); data/bsdgames-2.17/mille/extern.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char Initstr[100]; /* initial string for error field */ data/bsdgames-2.17/mille/mille.c:64:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outf = fopen("q", "w"); data/bsdgames-2.17/mille/move.c:439:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXPATHLEN]; data/bsdgames-2.17/mille/move.c:466:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((outf = fopen(buf, "w")) == NULL) data/bsdgames-2.17/mille/save.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/bsdgames-2.17/mille/save.c:150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/bsdgames-2.17/mille/save.c:153:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((inf = open(file, O_RDONLY)) < 0) { data/bsdgames-2.17/mille/varpush.c:90:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/bsdgames-2.17/mille/varpush.c:94:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((outf = fopen(buf, "w")) == NULL) { data/bsdgames-2.17/monop/cards.c:72:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((deckf=fopen(cardfile, "r")) == NULL) { data/bsdgames-2.17/monop/execute.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[257]; data/bsdgames-2.17/monop/execute.c:245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/bsdgames-2.17/monop/execute.c:249:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((inf=open(file, O_RDONLY)) < 0) { data/bsdgames-2.17/monop/getinp.c:48:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[257]; data/bsdgames-2.17/monop/houses.c:43:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *names[N_MON+2]; data/bsdgames-2.17/monop/houses.c:44:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cur_prop[80]; data/bsdgames-2.17/monop/initdeck.c:61:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char c[4]; data/bsdgames-2.17/monop/initdeck.c:68:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&rv, c, sizeof rv); data/bsdgames-2.17/monop/initdeck.c:117:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((inf = fopen(infile, "r")) == NULL) { data/bsdgames-2.17/monop/initdeck.c:132:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((outf = fopen(outfile, "w")) == NULL) { data/bsdgames-2.17/monop/initdeck.c:269:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char c[8]; data/bsdgames-2.17/monop/misc.c:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[257]; data/bsdgames-2.17/monop/monop.c:109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[257]; data/bsdgames-2.17/monop/monop.h:93:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sqnums[3]; /* Square numbers (used to init)*/ data/bsdgames-2.17/monop/morg.c:47:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *names[MAX_PRP+2], data/bsdgames-2.17/monop/prop.c:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/bsdgames-2.17/monop/trade.c:52:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *plist[MAX_PRP+2]; data/bsdgames-2.17/morse/morse.c:154:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foo[10]; /* All morse chars shorter than this */ data/bsdgames-2.17/number/number.c:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/bsdgames-2.17/phantasia/fight.c:863:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(Curmonster.m_name, "Morgoth"); data/bsdgames-2.17/phantasia/gamesupport.c:15:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char flag[2] = /* for printing values of bools */ data/bsdgames-2.17/phantasia/gamesupport.c:462:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_SCORE, "r")) != NULL) { data/bsdgames-2.17/phantasia/gamesupport.c:521:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_SCORE, "r+")) != NULL) { data/bsdgames-2.17/phantasia/interplayer.c:643:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(_PATH_MESS, "w"); data/bsdgames-2.17/phantasia/interplayer.c:650:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(_PATH_VOID, "w"); data/bsdgames-2.17/phantasia/interplayer.c:719:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_GOLD, "r+")) != NULL) data/bsdgames-2.17/phantasia/io.c:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; /* a place to store data already on screen */ data/bsdgames-2.17/phantasia/main.c:293:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((Playersfp = fopen(_PATH_PEOPLE, "r+")) == NULL) data/bsdgames-2.17/phantasia/main.c:299:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((Monstfp = fopen(_PATH_MONST, "r+")) == NULL) data/bsdgames-2.17/phantasia/main.c:303:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((Messagefp = fopen(_PATH_MESS, "r")) == NULL) data/bsdgames-2.17/phantasia/main.c:307:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((Energyvoidfp = fopen(_PATH_VOID, "r+")) == NULL) data/bsdgames-2.17/phantasia/main.c:511:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(_PATH_MESS, "w"); data/bsdgames-2.17/phantasia/main.c:633:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hiname[21], nxtname[21]; /* used for finding the two data/bsdgames-2.17/phantasia/main.c:641:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_MOTD, "r")) != NULL data/bsdgames-2.17/phantasia/main.c:719:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_LASTDEAD, "r")) != NULL data/bsdgames-2.17/phantasia/map.c:134:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[2]; data/bsdgames-2.17/phantasia/map.c:151:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[2]; data/bsdgames-2.17/phantasia/misc.c:73:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *const nametable[4][4] = /* names of places */ data/bsdgames-2.17/phantasia/misc.c:138:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(Databuf, "%.29s", label); data/bsdgames-2.17/phantasia/misc.c:654:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(_PATH_LASTDEAD, "w"); data/bsdgames-2.17/phantasia/misc.c:661:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(_PATH_MESS, "w"); data/bsdgames-2.17/phantasia/misc.c:1063:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_GOLD, "r+")) != NULL) data/bsdgames-2.17/phantasia/phantglobs.c:110:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Databuf[SZ_DATABUF]; /* a place to read data into */ data/bsdgames-2.17/phantasia/phantstruct.h:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_name[SZ_NAME]; /* name */ data/bsdgames-2.17/phantasia/phantstruct.h:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_password[SZ_PASSWORD];/* password */ data/bsdgames-2.17/phantasia/phantstruct.h:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_login[SZ_LOGIN]; /* login */ data/bsdgames-2.17/phantasia/phantstruct.h:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_name[26]; /* name */ data/bsdgames-2.17/phantasia/phantstruct.h:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sb_type[4]; /* character type of player */ data/bsdgames-2.17/phantasia/phantstruct.h:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sb_name[SZ_NAME]; /* name of player */ data/bsdgames-2.17/phantasia/phantstruct.h:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sb_login[SZ_LOGIN]; /* login of player */ data/bsdgames-2.17/phantasia/setup.c:113:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(path, "w")) == NULL) data/bsdgames-2.17/phantasia/setup.c:119:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((Monstfp = fopen(path, "w")) == NULL) data/bsdgames-2.17/phantasia/setup.c:123:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(monsterfile, "r")) == NULL) data/bsdgames-2.17/phantasia/setup.c:163:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(path, "w")) == NULL) data/bsdgames-2.17/pig/pig.c:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/bsdgames-2.17/pom/pom.c:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/bsdgames-2.17/ppt/ppt.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[132]; data/bsdgames-2.17/primes/primes.c:88:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char table[TABSIZE]; /* Eratosthenes sieve of odd numbers */ data/bsdgames-2.17/primes/primes.c:182:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[LINE_MAX]; /* > max number of digits. */ data/bsdgames-2.17/primes/primes.c:277:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(table, &pattern[factor], pattern_size-factor); data/bsdgames-2.17/primes/primes.c:281:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&table[fact_lim], pattern, pattern_size); data/bsdgames-2.17/primes/primes.c:284:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&table[fact_lim], pattern, TABSIZE-fact_lim); data/bsdgames-2.17/quiz/quiz.c:131:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(file, "r")) == NULL) data/bsdgames-2.17/quiz/quiz.c:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *answer, *t, question[LINE_SZ]; data/bsdgames-2.17/quiz/rxp.c:83:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rxperr[128]; /* parser error message */ data/bsdgames-2.17/quiz/rxp.c:274:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[RXP_LINE_SZ/2]; data/bsdgames-2.17/robots/auto.c:146:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ans[sizeof moves]; data/bsdgames-2.17/robots/auto.c:231:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ok_moves[10], best_move; data/bsdgames-2.17/robots/extern.c:61:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char Field[Y_FIELDSIZE][X_FIELDSIZE]; /* the playing field itslef */ data/bsdgames-2.17/robots/main.c:64:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). score_wfd = open(Scorefile, O_RDWR); data/bsdgames-2.17/robots/main.c:80:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Max_per_uid = atoi(av[0]); data/bsdgames-2.17/robots/main.c:85:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). score_wfd = open(Scorefile, O_RDWR); data/bsdgames-2.17/robots/robots.h:91:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_name[MAXNAME]; data/bsdgames-2.17/robots/robots.h:107:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern char Cnt_move, Field[Y_FIELDSIZE][X_FIELDSIZE], Run_ch; data/bsdgames-2.17/robots/score.c:224:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((inf = open(Scorefile, O_RDONLY)) < 0) { data/bsdgames-2.17/sail/dr_1.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[60]; data/bsdgames-2.17/sail/dr_2.c:151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[10]; data/bsdgames-2.17/sail/dr_2.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char st[4]; data/bsdgames-2.17/sail/dr_2.c:238:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(st, "%d", n); data/bsdgames-2.17/sail/dr_3.c:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char moved[NSHIP]; data/bsdgames-2.17/sail/extern.h:143:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char l_name[20]; data/bsdgames-2.17/sail/extern.h:177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char captain[20]; /* 0 */ data/bsdgames-2.17/sail/extern.h:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char movebuf[10]; /* 72 */ data/bsdgames-2.17/sail/extern.h:268:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char AMMO[9][4]; data/bsdgames-2.17/sail/extern.h:269:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char HDT[9][10]; data/bsdgames-2.17/sail/extern.h:270:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern const char HDTrake[9][10]; data/bsdgames-2.17/sail/extern.h:271:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char QUAL[9][5]; data/bsdgames-2.17/sail/extern.h:272:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char MT[9][3]; data/bsdgames-2.17/sail/globals.c:444:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char AMMO[9][4] = { data/bsdgames-2.17/sail/globals.c:456:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char HDT[9][10] = { data/bsdgames-2.17/sail/globals.c:468:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char HDTrake[9][10] = { data/bsdgames-2.17/sail/globals.c:480:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char QUAL[9][5] = { data/bsdgames-2.17/sail/globals.c:492:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char MT[9][3] = { data/bsdgames-2.17/sail/lo_main.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sbuf[32]; data/bsdgames-2.17/sail/lo_main.c:69:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_LOGFILE, "r")) == 0) { data/bsdgames-2.17/sail/lo_main.c:88:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(sbuf, "%20.20s", log.l_name); data/bsdgames-2.17/sail/main.c:67:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/bsdgames-2.17/sail/main.c:112:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi(*argv); data/bsdgames-2.17/sail/misc.c:207:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(_PATH_LOGFILE, "r+")) == NULL) { data/bsdgames-2.17/sail/pl_4.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[60]; data/bsdgames-2.17/sail/pl_4.c:92:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[3]; data/bsdgames-2.17/sail/pl_5.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prompt[60]; data/bsdgames-2.17/sail/pl_5.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[60], last = '\0'; data/bsdgames-2.17/sail/pl_5.c:73:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(prompt, "move (%d,%c%d): ", ma, af ? '\'' : ' ', ta); data/bsdgames-2.17/sail/pl_7.c:75:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char movebuf[sizeof SHIP(0)->file->movebuf]; data/bsdgames-2.17/sail/pl_7.c:175:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[BUFSIZ]; data/bsdgames-2.17/sail/pl_7.c:216:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[BUFSIZ]; data/bsdgames-2.17/sail/pl_main.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char captain[80]; data/bsdgames-2.17/sail/pl_main.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[60]; data/bsdgames-2.17/sail/pl_main.c:210:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(captain, "no name"); data/bsdgames-2.17/sail/pl_main.c:217:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[10]; data/bsdgames-2.17/sail/player.h:92:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char movebuf[sizeof SHIP(0)->file->movebuf]; data/bsdgames-2.17/sail/sync.c:62:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char sync_buf[BUFSIZE]; data/bsdgames-2.17/sail/sync.c:64:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char sync_lock[sizeof SF]; data/bsdgames-2.17/sail/sync.c:65:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char sync_file[sizeof LF]; data/bsdgames-2.17/sail/sync.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[BUFSIZ]; data/bsdgames-2.17/sail/sync.c:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[BUFSIZ]; data/bsdgames-2.17/sail/sync.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[BUFSIZ]; data/bsdgames-2.17/sail/sync.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof sync_file]; data/bsdgames-2.17/sail/sync.c:158:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sync_fp = fopen(sync_file, "w+"); data/bsdgames-2.17/sail/sync.c:161:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
sync_fp = fopen(sync_file, "r+"); data/bsdgames-2.17/sail/sync.c:185:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(sync_bp, "%d %d 0 %ld %ld %ld %ld\n", data/bsdgames-2.17/sail/sync.c:215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/bsdgames-2.17/sail/sync.c:483:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ship->file->captain, "begin"); data/bsdgames-2.17/snake/snake/snake.c:151:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rawscores = open(_PATH_RAWSCORES, O_RDWR|O_CREAT, 0664); data/bsdgames-2.17/snake/snake/snake.c:157:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfile = fopen(_PATH_LOGFILE, "a"); data/bsdgames-2.17/snake/snake/snake.c:170:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
tv = atol(optarg); data/bsdgames-2.17/snake/snake/snake.c:174:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccnt = atoi(optarg); data/bsdgames-2.17/snake/snake/snake.c:177:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lcnt = atoi(optarg); data/bsdgames-2.17/snake/snscore/snscore.c:80:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen(recfile, "r"); data/bsdgames-2.17/tetris/scores.c:115:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sd = open(_PATH_SCOREFILE, mint, 0666); data/bsdgames-2.17/tetris/scores.c:221:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char u[sizeof(scores[0].hs_name)]; data/bsdgames-2.17/tetris/scores.c:236:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(u, p, l); data/bsdgames-2.17/tetris/scores.c:416:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/bsdgames-2.17/tetris/scores.h:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hs_name[20]; /* login name */ data/bsdgames-2.17/tetris/screen.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tcname[3]; data/bsdgames-2.17/tetris/screen.c:124:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char combuf[1024], tbuf[1024]; data/bsdgames-2.17/tetris/screen.c:158:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tcname[3]; data/bsdgames-2.17/tetris/tetris.c:74:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char key_msg[100]; data/bsdgames-2.17/tetris/tetris.c:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key_write[6][10]; data/bsdgames-2.17/tetris/tetris.c:143:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/bsdgames-2.17/tetris/tetris.c:157:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). level = atoi(optarg); data/bsdgames-2.17/tetris/tetris.c:189:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(key_write[i], "<space>"); data/bsdgames-2.17/tetris/tetris.h:169:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char key_msg[100]; data/bsdgames-2.17/trek/destruct.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char checkpass[15]; data/bsdgames-2.17/trek/dumpgame.c:129:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open("trek.dump", O_RDONLY)) < 0 || data/bsdgames-2.17/trek/events.c:396:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, Quad, sizeof (Quad)); data/bsdgames-2.17/trek/events.c:398:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, Event, sizeof (Event)); data/bsdgames-2.17/trek/events.c:400:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, &Now, sizeof (Now)); data/bsdgames-2.17/trek/externs.c:67:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *const Systemname[NINHAB] = data/bsdgames-2.17/trek/externs.c:106:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Sect[NSECTS][NSECTS]; data/bsdgames-2.17/trek/getpar.c:128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input[100]; data/bsdgames-2.17/trek/getpar.c:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[20]; data/bsdgames-2.17/trek/help.c:66:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *const Cntvect[3] = data/bsdgames-2.17/trek/main.c:220:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). prio = atoi(av[0] + 2); data/bsdgames-2.17/trek/shield.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[100]; data/bsdgames-2.17/trek/srscan.c:60:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *const Color[4] = data/bsdgames-2.17/trek/trek.h:83:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *const Systemname[NINHAB]; data/bsdgames-2.17/trek/trek.h:99:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char Sect[NSECTS][NSECTS]; data/bsdgames-2.17/trek/trek.h:256:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char passwd[15]; /* game password */ data/bsdgames-2.17/trek/trek.h:297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char moveprob[6]; /* probability that a Klingon moves */ data/bsdgames-2.17/trek/trek.h:334:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snapshot[sizeof Quad + sizeof Event + sizeof Now]; /* snapshot for time warp */ data/bsdgames-2.17/trek/warp.c:184:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, Quad, sizeof Quad); data/bsdgames-2.17/trek/warp.c:186:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(p, Event, sizeof Event); data/bsdgames-2.17/trek/warp.c:188:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, &Now, sizeof Now); data/bsdgames-2.17/worm/worm.c:81:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[BUFSIZ]; data/bsdgames-2.17/worm/worm.c:127:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start_len = atoi(argv[1]); data/bsdgames-2.17/worms/worms.c:220:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((length = atoi(optarg)) < 2 || length > 1024) { data/bsdgames-2.17/worms/worms.c:226:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((number = atoi(optarg)) < 1) { data/bsdgames-2.17/wump/wump.c:113:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char answer[20]; /* user input */ data/bsdgames-2.17/wump/wump.c:157:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). arrow_num = atoi(optarg); data/bsdgames-2.17/wump/wump.c:160:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bat_num = atoi(optarg); data/bsdgames-2.17/wump/wump.c:171:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pit_num = atoi(optarg); data/bsdgames-2.17/wump/wump.c:174:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). room_num = atoi(optarg); data/bsdgames-2.17/wump/wump.c:187:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
link_num = atoi(optarg); data/bsdgames-2.17/wump/wump.c:330:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). next_room = atoi(room_number); data/bsdgames-2.17/wump/wump.c:351:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). next_room = atoi(answer); data/bsdgames-2.17/wump/wump.c:440:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). next = atoi(p); data/bsdgames-2.17/wump/wump.c:669:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20]; data/bsdgames-2.17/wump/wump.c:775:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(_PATH_WUMPINFO, O_RDONLY)) == -1) data/bsdgames-2.17/adventure/extern.h:120:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  #define length(str) (strlen((str)) + 1)
data/bsdgames-2.17/adventure/hdr.h:66:65: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define FLUSHLINE do { int flushline_ch; while ((flushline_ch = getchar()) != EOF && flushline_ch != '\n'); } while (0)
data/bsdgames-2.17/adventure/io.c:68:13: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((*s = getchar()) >= 'A' && *s <= 'Z')
data/bsdgames-2.17/adventure/io.c:111:13: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((ch = getchar()) == 'y')
data/bsdgames-2.17/adventure/io.c:139:13: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((ch = getchar()) == 'y')
data/bsdgames-2.17/adventure/setup.c:101:14: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getc(infile)) != EOF) {
data/bsdgames-2.17/adventure/setup.c:104:16: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getc(infile)) == ' ' && c != EOF);
data/bsdgames-2.17/adventure/wizard.c:138:8: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getchar();
data/bsdgames-2.17/arithmetic/arithmetic.c:182:10: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while(!getchar()) ;
data/bsdgames-2.17/atc/graphics.c:71:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getchar()) == EOF && errno == EINTR) {
data/bsdgames-2.17/atc/graphics.c:309:6: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getchar();
data/bsdgames-2.17/atc/graphics.c:407:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getchar()) != EOF && c != ' ')
data/bsdgames-2.17/atc/input.c:186:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(T_STR, "");
data/bsdgames-2.17/atc/input.c:202:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(T_STR, "");
data/bsdgames-2.17/atc/input.c:215:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  newpos = T_POS + strlen(T_STR);
data/bsdgames-2.17/atc/input.c:225:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(T_STR, "");
data/bsdgames-2.17/atc/input.c:269:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ioerror(stack[i].pos, strlen(stack[i].str), s);
data/bsdgames-2.17/atc/log.c:109:13: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  old_mask = umask(0);
data/bsdgames-2.17/atc/log.c:111:2: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(old_mask);
data/bsdgames-2.17/atc/main.c:126:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[strlen(buf) - 1] = '\0';
data/bsdgames-2.17/atc/main.c:250:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line) - 1] = '\0';
data/bsdgames-2.17/atc/main.c:273:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line) - 1] = '\0';
data/bsdgames-2.17/backgammon/backgammon/move.c:457:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tests, "");
data/bsdgames-2.17/backgammon/backgammon/move.c:499:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "o");
data/bsdgames-2.17/backgammon/backgammon/move.c:504:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "e");
data/bsdgames-2.17/backgammon/backgammon/move.c:509:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant character.
  strcat(tests, "i");
data/bsdgames-2.17/backgammon/backgammon/move.c:516:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "i");
data/bsdgames-2.17/backgammon/backgammon/move.c:524:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "c");
data/bsdgames-2.17/backgammon/backgammon/move.c:529:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "o");
data/bsdgames-2.17/backgammon/backgammon/move.c:534:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "o");
data/bsdgames-2.17/backgammon/backgammon/move.c:539:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "b");
data/bsdgames-2.17/backgammon/backgammon/move.c:544:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "e");
data/bsdgames-2.17/backgammon/backgammon/move.c:549:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "f");
data/bsdgames-2.17/backgammon/backgammon/move.c:554:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "p");
data/bsdgames-2.17/backgammon/backgammon/move.c:559:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "i");
data/bsdgames-2.17/backgammon/backgammon/move.c:564:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tests, "f");
data/bsdgames-2.17/backgammon/common_source/fancy.c:432:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  count = strlen(m);
data/bsdgames-2.17/backgammon/common_source/fancy.c:720:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lHO = strlen(HO);
data/bsdgames-2.17/backgammon/common_source/fancy.c:722:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lBC = strlen(BC);
data/bsdgames-2.17/backgammon/common_source/fancy.c:726:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lUP = strlen(UP);
data/bsdgames-2.17/backgammon/common_source/fancy.c:728:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lND = strlen(ND);
data/bsdgames-2.17/backgammon/common_source/save.c:155:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, board, sizeof board);
data/bsdgames-2.17/backgammon/common_source/save.c:156:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, off, sizeof off);
data/bsdgames-2.17/backgammon/common_source/save.c:157:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, in, sizeof in);
data/bsdgames-2.17/backgammon/common_source/save.c:158:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, dice, sizeof dice);
data/bsdgames-2.17/backgammon/common_source/save.c:159:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &cturn, sizeof cturn);
data/bsdgames-2.17/backgammon/common_source/save.c:160:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &dlast, sizeof dlast);
data/bsdgames-2.17/backgammon/common_source/save.c:161:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &pnum, sizeof pnum);
data/bsdgames-2.17/backgammon/common_source/save.c:162:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &rscore, sizeof rscore);
data/bsdgames-2.17/backgammon/common_source/save.c:163:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &wscore, sizeof wscore);
data/bsdgames-2.17/backgammon/common_source/save.c:164:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &gvalue, sizeof gvalue);
data/bsdgames-2.17/backgammon/common_source/save.c:165:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdesc, &raflag, sizeof raflag);
data/bsdgames-2.17/backgammon/common_source/subs.c:107:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(0, &c, 1) != 1)
data/bsdgames-2.17/banner/banner.c:1071:4: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(message, " ");
data/bsdgames-2.17/banner/banner.c:1074:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchars = strlen(message);
data/bsdgames-2.17/banner/banner.c:1079:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchars = strlen(message);
data/bsdgames-2.17/battlestar/cypher.c:454:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(DEFAULT_SAVE_FILE));
data/bsdgames-2.17/battlestar/fly.c:93:11: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  switch (getchar()) {
data/bsdgames-2.17/battlestar/getcom.c:65:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf) - 1] != '\n') {
data/bsdgames-2.17/battlestar/getcom.c:67:15: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((i = getchar()) != '\n' && i != EOF)
data/bsdgames-2.17/battlestar/init.c:72:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  savefile = save_file_name(filename, strlen(filename));
data/bsdgames-2.17/battlestar/save.c:178:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmpl = strlen(home);
data/bsdgames-2.17/bcd/bcd.c:168:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen((char *)str) > COLUMNS)
data/bsdgames-2.17/boggle/boggle/bog.c:184:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[0]) != 16) {
data/bsdgames-2.17/boggle/boggle/bog.c:358:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) < (size_t)minlength) {
data/bsdgames-2.17/boggle/boggle/bog.c:390:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf) + 1;
data/bsdgames-2.17/boggle/boggle/help.c:65:13: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ungetc(getc(fp), fp) == EOF) {
data/bsdgames-2.17/boggle/boggle/help.c:80:21: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (eof || ungetc(getc(fp), fp) == EOF) {
data/bsdgames-2.17/boggle/boggle/mach.c:162:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (strlen(base[indx]));
data/bsdgames-2.17/boggle/boggle/mach.c:351:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((n = strlen(w)) > maxw)
data/bsdgames-2.17/boggle/boggle/word.c:89:18: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((pcount = getc(fp)) == EOF)
data/bsdgames-2.17/boggle/boggle/word.c:97:16: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(fp)) != EOF && ch >= 'a')
data/bsdgames-2.17/boggle/mkdict/mkdict.c:82:17: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(stdin)) != EOF && ch != '\n')
data/bsdgames-2.17/boggle/mkindex/mkindex.c:111:17: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((pcount = getc(fp)) == EOF)
data/bsdgames-2.17/boggle/mkindex/mkindex.c:120:15: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(fp)) != EOF && ch >= 'a')
data/bsdgames-2.17/caesar/caesar.c:109:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((nread = read(STDIN_FILENO, inbuf, LINELENGTH)) < 0)
data/bsdgames-2.17/caesar/caesar.c:144:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((nread = read(STDIN_FILENO, inbuf, LINELENGTH)) < 0)
data/bsdgames-2.17/caesar/caesar.c:158:15: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getchar()) != EOF)
data/bsdgames-2.17/canfield/canfield/canfield.c:1376:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  col += 1 + strlen(cp);
data/bsdgames-2.17/canfield/canfield/canfield.c:1697:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  i = read(dbfd, (char *)&total, sizeof(total));
data/bsdgames-2.17/canfield/cfscores/cfscores.c:133:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  i = read(dbfd, (char *)&total, sizeof(total));
data/bsdgames-2.17/cribbage/io.c:258:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(p) == 2) { /* check for short form */
data/bsdgames-2.17/cribbage/io.c:392:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Newpos = strlen(Msgbuf);
data/bsdgames-2.17/cribbage/io.c:408:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Newpos = strlen(Msgbuf);
data/bsdgames-2.17/cribbage/io.c:430:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(mp);
data/bsdgames-2.17/cribbage/io.c:442:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((len = strlen(mp)) > MSG_X) {
data/bsdgames-2.17/cribbage/io.c:515:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (read(STDIN_FILENO, &c, sizeof(char)) <= 0)
data/bsdgames-2.17/cribbage/io.c:556:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = strlen(unctrl(*sp)); i; i--)
data/bsdgames-2.17/dm/dm.c:137:8: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (sscanf(lbuf, "%39s%39s", f1, f2) != 2 ||
data/bsdgames-2.17/dm/dm.c:143:8: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (sscanf(lbuf, "%39s%39s%39s%39s%39s",
data/bsdgames-2.17/dm/dm.c:149:8: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (sscanf(lbuf, "%39s%39s%39s%39s", f1, f2, f3, f4) != 4 ||
data/bsdgames-2.17/dm/dm.c:276:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((n = read(fd, buf, sizeof(buf))) > 0)
data/bsdgames-2.17/dm/utmpentry.c:84:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((max = strlen(e->name)) > maxname)
data/bsdgames-2.17/dm/utmpentry.c:86:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((max = strlen(e->line)) > maxline)
data/bsdgames-2.17/dm/utmpentry.c:88:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((max = strlen(e->host)) > maxhost)
data/bsdgames-2.17/dm/utmpentry.c:107:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(fname);
data/bsdgames-2.17/dm/utmpentry.c:272:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy(e->name, up->ut_name, sizeof(up->ut_name));
data/bsdgames-2.17/dm/utmpentry.c:274:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy(e->line, up->ut_line, sizeof(up->ut_line));
data/bsdgames-2.17/dm/utmpentry.c:276:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy(e->host, up->ut_host, sizeof(up->ut_host));
data/bsdgames-2.17/dm/utmpentry.c:288:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy(e->name, up->ut_name, sizeof(up->ut_name));
data/bsdgames-2.17/dm/utmpentry.c:290:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy(e->line, up->ut_line, sizeof(up->ut_line));
data/bsdgames-2.17/dm/utmpentry.c:292:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy(e->host, up->ut_host, sizeof(up->ut_host));
data/bsdgames-2.17/fish/fish.c:176:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[strlen(buf) - 1] = '\0';
data/bsdgames-2.17/fish/fish.c:458:10: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  input = getchar();
data/bsdgames-2.17/fish/fish.c:459:9: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (getchar() != '\n');
data/bsdgames-2.17/fish/fish.c:486:18: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((input = getchar()) != EOF && input != '\n');
data/bsdgames-2.17/fortune/fortune/fortune.c:214:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define NAMLEN(d) (strlen((d)->d_name))
data/bsdgames-2.17/fortune/fortune/fortune.c:287:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(line);
data/bsdgames-2.17/fortune/fortune/fortune.c:331:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar += strlen(line);
data/bsdgames-2.17/fortune/fortune/fortune.c:525:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tpath = do_malloc((unsigned int) (strlen(dir) + strlen(file) + 2));
data/bsdgames-2.17/fortune/fortune/fortune.c:525:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tpath = do_malloc((unsigned int) (strlen(dir) + strlen(file) + 2));
data/bsdgames-2.17/fortune/fortune/fortune.c:526:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(strcat(strcpy(tpath, dir), "/"), file);
data/bsdgames-2.17/fortune/fortune/fortune.c:664:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new = copy(file, (unsigned int) (strlen(file) + 2));
data/bsdgames-2.17/fortune/fortune/fortune.c:678:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(file);
data/bsdgames-2.17/fortune/fortune/fortune.c:823:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(file);
data/bsdgames-2.17/fortune/fortune/fortune.c:845:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  datfile = copy(file, (unsigned int) (strlen(file) + 4)); /* +4 for ".dat" */
data/bsdgames-2.17/fortune/fortune/fortune.c:858:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *posp = copy(file, (unsigned int) (strlen(file) + 4)); /* +4 for ".dat" */
data/bsdgames-2.17/fortune/fortune/fortune.c:1033:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fp->datfd, Seekpts, sizeof Seekpts);
data/bsdgames-2.17/fortune/fortune/fortune.c:1144:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fd, &fp->pos, sizeof fp->pos) != sizeof fp->pos)
data/bsdgames-2.17/fortune/fortune/fortune.c:1176:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, (char *) &fp->tbl, sizeof fp->tbl) != sizeof fp->tbl) {
data/bsdgames-2.17/fortune/fortune/fortune.c:1373:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sp += strlen(sp);
data/bsdgames-2.17/fortune/strfile/strfile.c:215:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = pos - last_off - (sp ? strlen(sp) : 0);
data/bsdgames-2.17/fortune/strfile/strfile.c:436:23: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (!isalnum(c1 = getc(Sort_1)) && c1 != '\0')
data/bsdgames-2.17/fortune/strfile/strfile.c:438:23: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (!isalnum(c2 = getc(Sort_2)) && c2 != '\0')
data/bsdgames-2.17/fortune/strfile/strfile.c:452:8: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = getc(Sort_1);
data/bsdgames-2.17/fortune/strfile/strfile.c:453:8: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = getc(Sort_2);
data/bsdgames-2.17/gomoku/bdisp.c:127:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = 6 - strlen(plyr[BLACK]) / 2;
data/bsdgames-2.17/gomoku/bdisp.c:130:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = 30 - strlen(plyr[WHITE]) / 2;
data/bsdgames-2.17/gomoku/bdisp.c:234:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(str);
data/bsdgames-2.17/gomoku/bdisp.c:254:26: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (cp < end && (c = getchar()) != EOF && c != '\n' && c != '\r') {
data/bsdgames-2.17/gomoku/main.c:345:14: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getc(fp)) != EOF && c != '\n')
data/bsdgames-2.17/gomoku/main.c:442:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str += strlen(str);
data/bsdgames-2.17/gomoku/pickmove.c:1244:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str += strlen(str);
data/bsdgames-2.17/gomoku/pickmove.c:1302:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str += strlen(str);
data/bsdgames-2.17/gomoku/pickmove.c:1312:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str += strlen(str);
data/bsdgames-2.17/gomoku/pickmove.c:1345:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str += strlen(str);
data/bsdgames-2.17/gomoku/pickmove.c:1349:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str += strlen(str);
data/bsdgames-2.17/hack/hack.do_name.c:148:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lth = strlen(buf) + 1;
data/bsdgames-2.17/hack/hack.do_name.c:180:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lth = strlen(buf) + 1;
data/bsdgames-2.17/hack/hack.do_name.c:254:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = newstring(strlen(buf) + 1);
data/bsdgames-2.17/hack/hack.end.c:359:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(t0->name, plname, NAMSZ);
data/bsdgames-2.17/hack/hack.end.c:361:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(t0->death, killer, DTHSZ);
data/bsdgames-2.17/hack/hack.end.c:373:7: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (fscanf(rfile, "%6s %d %d %d %d %d %ld %c%c %[^,],%[^\n]",
data/bsdgames-2.17/hack/hack.end.c:552:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hppos = COLNO - 7 - strlen(hpbuf);
data/bsdgames-2.17/hack/hack.end.c:574:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (strlen(linebuf));
data/bsdgames-2.17/hack/hack.end.c:702:7: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (fscanf(rfile, "%6s %d %d %d %d %d %ld %c%c %[^,],%[^\n]",
data/bsdgames-2.17/hack/hack.engrave.c:113:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(s);
data/bsdgames-2.17/hack/hack.engrave.c:142:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lth = strlen(ep->engr_txt);
data/bsdgames-2.17/hack/hack.engrave.c:193:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  alloc((unsigned) (sizeof(struct engr) + strlen(s) + 1));
data/bsdgames-2.17/hack/hack.engrave.c:202:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ep->engr_lth = strlen(s) + 1;
data/bsdgames-2.17/hack/hack.engrave.c:289:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(sp);
data/bsdgames-2.17/hack/hack.engrave.c:322:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(oep->engr_txt) + spct;
data/bsdgames-2.17/hack/hack.lev.c:329:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rlen = read(fd, buf, (int) len);
data/bsdgames-2.17/hack/hack.main.c:159:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(plname, s, sizeof(plname) - 1);
data/bsdgames-2.17/hack/hack.main.c:161:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(plname, s, sizeof(plname) - 1);
data/bsdgames-2.17/hack/hack.main.c:163:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(plname, s, sizeof(plname) - 1);
data/bsdgames-2.17/hack/hack.main.c:226:12: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(plname, argv[0] + 2, sizeof(plname) - 1);
data/bsdgames-2.17/hack/hack.main.c:230:12: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(plname, argv[0], sizeof(plname) - 1);
data/bsdgames-2.17/hack/hack.main.c:236:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(pl_character, argv[0] + 1,
data/bsdgames-2.17/hack/hack.main.c:504:14: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getchar()) != '\n') {
data/bsdgames-2.17/hack/hack.makemon.c:96:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ct = CMNUM - strlen(fut_geno);
data/bsdgames-2.17/hack/hack.o_init.c:191:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(objects[i].oc_uname) + 1;
data/bsdgames-2.17/hack/hack.o_init.c:196:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(objects[i].oc_name) + 1;
data/bsdgames-2.17/hack/hack.o_init.c:201:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(objects[i].oc_descr) + 1;
data/bsdgames-2.17/hack/hack.objnam.c:81:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int i = strlen(pref);
data/bsdgames-2.17/hack/hack.objnam.c:87:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(s, pref, i); /* do not copy trailing 0 */
data/bsdgames-2.17/hack/hack.objnam.c:554:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int j = strlen(wrp[i]);
data/bsdgames-2.17/hack/hack.options.c:170:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(plname, op + 1, sizeof(plname) - 1);
data/bsdgames-2.17/hack/hack.pager.c:105:14: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  (void) strncpy(buf + 1, " ", 7);
data/bsdgames-2.17/hack/hack.pager.c:284:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(text);
data/bsdgames-2.17/hack/hack.pri.c:761:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(newbot) >= COLNO) {
data/bsdgames-2.17/hack/hack.read.c:264:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } while (strlen(buf) != 1 || !monstersym(*buf));
data/bsdgames-2.17/hack/hack.rip.c:107:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((i1 = strlen(buf)) > 16) {
data/bsdgames-2.17/hack/hack.rip.c:132:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(text) / 2;
data/bsdgames-2.17/hack/hack.save.c:197:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, (char *) &tmp, sizeof tmp) != sizeof tmp)
data/bsdgames-2.17/hack/hack.shk.c:333:12: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(ESHK(shopkeeper)->customer, plname, PL_NSIZ);
data/bsdgames-2.17/hack/hack.shknam.c:228:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(nampt, q[i], PL_NSIZ);
data/bsdgames-2.17/hack/hack.termcap.c:334:2: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep(50000);
data/bsdgames-2.17/hack/hack.topl.c:124:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  alloc((unsigned) (strlen(toplines) + sizeof(struct topl) + 1));
data/bsdgames-2.17/hack/hack.topl.c:144:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tlx + (int)strlen(s) > CO)
data/bsdgames-2.17/hack/hack.topl.c:233:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n0 = strlen(bp);
data/bsdgames-2.17/hack/hack.topl.c:235:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n0 + (int)strlen(toplines) + 3 < CO - 8 && /* leave room for
data/bsdgames-2.17/hack/hack.topl.c:262:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy((tl = eos(toplines)), bp, n0);
data/bsdgames-2.17/hack/hack.topl.c:270:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n0 = strlen(bp);
data/bsdgames-2.17/hack/hack.topl.c:272:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  (void) strcat(tl, "\n");
data/bsdgames-2.17/hack/hack.tty.c:231:12: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((c = getchar()) == EOF) {
data/bsdgames-2.17/hack/hack.tty.c:334:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inputline[1] = getchar();
data/bsdgames-2.17/hack/hack.tty.c:337:19: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inputline[2] = getchar();
data/bsdgames-2.17/hack/hack.tty.c:343:18: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inputline[1] = getchar();
data/bsdgames-2.17/hack/hack.tty.c:356:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((sym = getchar()) == EOF)
data/bsdgames-2.17/hack/hack.tty.c:367:15: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((sym = getchar()) != EOF)
data/bsdgames-2.17/hack/hack.u_init.c:246:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(pl_character, roles[i], PL_CSIZ - 1);
data/bsdgames-2.17/hack/hack.unix.c:194:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  np = path + strlen(path); /* point to end str */
data/bsdgames-2.17/hack/hack.unix.c:198:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(filename, path, np - path);
data/bsdgames-2.17/hack/hack.unix.c:244:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, (char *) &lockedpid, sizeof(lockedpid)) !=
data/bsdgames-2.17/hack/makedefs.c:149:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int n = read(fd, lp0, (line + LINSZ) - lp0);
data/bsdgames-2.17/hack/makedefs.c:181:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int)strlen(s) > lpe - lp + 1) {
data/bsdgames-2.17/hack/makedefs.c:191:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int)strlen(s) > lpe - lp + 1) {
data/bsdgames-2.17/hack/makedefs.c:238:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(string, identif, 3),
data/bsdgames-2.17/hangman/getguess.c:101:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(0, &ch, sizeof ch) <= 0) {
data/bsdgames-2.17/hangman/getword.c:64:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Word[strlen(Word) - 1] = '\0';
data/bsdgames-2.17/hangman/getword.c:65:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(Word) < Minlen)
data/bsdgames-2.17/hunt/hunt/hunt.c:148:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(name, optarg, NAMELEN);
data/bsdgames-2.17/hunt/hunt/hunt.c:260:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  (void) strncpy(name, "otto", NAMELEN);
data/bsdgames-2.17/hunt/hunt/hunt.c:642:23: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (!islower(c = getchar()) || (c -= 'a') >= i) {
data/bsdgames-2.17/hunt/hunt/hunt.c:677:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((cnt = read(s, buf, BUFSIZ)) > 0)
data/bsdgames-2.17/hunt/hunt/hunt.c:847:8: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getchar();
data/bsdgames-2.17/hunt/hunt/hunt.c:1029:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name, envname, NAMELEN);
data/bsdgames-2.17/hunt/hunt/hunt.c:1033:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name, envname, NAMELEN);
data/bsdgames-2.17/hunt/hunt/hunt.c:1098:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name, envp, NAMELEN);
data/bsdgames-2.17/hunt/hunt/hunt.c:1138:7: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  i = getchar();
data/bsdgames-2.17/hunt/hunt/hunt.c:1142:8: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  i = getchar();
data/bsdgames-2.17/hunt/hunt/playit.c:113:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(Socket, (char *) &version, LONGLEN) != LONGLEN) {
data/bsdgames-2.17/hunt/hunt/playit.c:265:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  icnt = read(Socket, ibuf, sizeof ibuf);
data/bsdgames-2.17/hunt/hunt/playit.c:288:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  count = read(STDIN, Buf, sizeof Buf);
data/bsdgames-2.17/hunt/hunt/playit.c:348:20: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (isupper(ch = getchar()))
data/bsdgames-2.17/hunt/hunt/playit.c:369:22: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (isupper(ch = getchar()))
data/bsdgames-2.17/hunt/hunt/playit.c:398:15: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((ch = getchar()) == '\n' || ch == '\r')
data/bsdgames-2.17/hunt/hunt/playit.c:476:20: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (isupper(ch = getchar()))
data/bsdgames-2.17/hunt/hunt/playit.c:648:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(Socket, (char *) &version, LONGLEN) != LONGLEN) {
data/bsdgames-2.17/hunt/hunt/playit.c:657:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(Socket, Send_message, strlen(Send_message)) < 0) {
data/bsdgames-2.17/hunt/huntd/answer.c:95:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) read(newsock, (char *) &uid, LONGLEN);
data/bsdgames-2.17/hunt/huntd/answer.c:97:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) read(newsock, name, NAMELEN);
data/bsdgames-2.17/hunt/huntd/answer.c:98:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) read(newsock, &team, 1);
data/bsdgames-2.17/hunt/huntd/answer.c:99:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) read(newsock, (char *) &enter_status, LONGLEN);
data/bsdgames-2.17/hunt/huntd/answer.c:101:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) read(newsock, Ttyname, NAMELEN);
data/bsdgames-2.17/hunt/huntd/answer.c:102:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) read(newsock, (char *) &mode, sizeof mode);
data/bsdgames-2.17/hunt/huntd/answer.c:132:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(buf);
data/bsdgames-2.17/hunt/huntd/answer.c:137:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((n = read(newsock, buf, BUFSIZ)) > 0)
data/bsdgames-2.17/hunt/huntd/answer.c:411:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(ip->i_name, name, NAMELEN);
data/bsdgames-2.17/hunt/huntd/draw.c:359:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outstr(pp, s, strlen(s));
data/bsdgames-2.17/hunt/huntd/driver.c:107:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Last_arg = ep[-1] + strlen(ep[-1]);
data/bsdgames-2.17/hunt/huntd/driver.c:286:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  (void) umask(0); /* No privacy at all! */
data/bsdgames-2.17/hunt/huntd/driver.c:628:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(pp->p_death); /* Display the cause of death */
data/bsdgames-2.17/hunt/huntd/driver.c:855:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((pp->p_nchar = read(pp->p_fd, pp->p_cbuf, sizeof pp->p_cbuf)) <= 0)
data/bsdgames-2.17/hunt/huntd/driver.c:946:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ip->i_name) < 8)
data/bsdgames-2.17/hunt/huntd/driver.c:957:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ip->i_name) < 8)
data/bsdgames-2.17/hunt/huntd/driver.c:962:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ip->i_name) + 3 < 8)
data/bsdgames-2.17/hunt/huntd/faketalk.c:169:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (void) write(service, buf, strlen(buf));
data/bsdgames-2.17/hunt/huntd/faketalk.c:172:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (void) write(service, buf, strlen(buf));
data/bsdgames-2.17/hunt/huntd/faketalk.c:179:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s = buf + 4, t = buf + strlen(buf) - 1;
data/bsdgames-2.17/hunt/huntd/faketalk.c:183:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t = s + strlen(s) - 1;
data/bsdgames-2.17/hunt/huntd/get_names.c:70:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(msg.l_name, my_name, NAME_SIZE);
data/bsdgames-2.17/hunt/huntd/get_names.c:149:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void) strncpy(msg.r_name, his_name, NAME_SIZE);
data/bsdgames-2.17/lib/fgetln.c:63:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *len = strlen(buf);
data/bsdgames-2.17/mille/misc.c:256:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (cnt = 0; read(0, &c, 1) <= 0; cnt++)
data/bsdgames-2.17/mille/move.c:549:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  move(MOVE_Y, MOVE_X + strlen(names[promptno]) + 1);
data/bsdgames-2.17/mille/varpush.c:83:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((read(file, (void *) &temp, sizeof temp)) < 0) {
data/bsdgames-2.17/monop/cards.c:139:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  type_maj = getc(deckf);
data/bsdgames-2.17/monop/cards.c:141:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  type_min = getc(deckf);
data/bsdgames-2.17/monop/cards.c:237:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = getc(deckf)) != '\0')
data/bsdgames-2.17/monop/execute.c:187:16: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((*sp++=getchar()) != '\n')
data/bsdgames-2.17/monop/execute.c:229:22: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (sp = buf; (*sp=getchar()) != '\n'; sp++)
data/bsdgames-2.17/monop/execute.c:262:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(inf, start, num);
data/bsdgames-2.17/monop/getinp.c:63:21: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (sp = buf; (c=getchar()) != '\n'; ) {
data/bsdgames-2.17/monop/getinp.c:74:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((match+=(n_match=strlen(list[i]))) > LINE) {
data/bsdgames-2.17/monop/initdeck.c:201:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c=getc(inf)) != EOF)
data/bsdgames-2.17/monop/initdeck.c:205:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getc(inf) == '-')
data/bsdgames-2.17/monop/initdeck.c:228:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  putc(getc(inf), outf);
data/bsdgames-2.17/monop/initdeck.c:229:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  putc(getc(inf), outf);
data/bsdgames-2.17/monop/initdeck.c:230:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (num = 0; (c=getc(inf)) != '\n'; )
data/bsdgames-2.17/monop/initdeck.c:234:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c=getc(inf)) != EOF)
data/bsdgames-2.17/monop/initdeck.c:238:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getc(inf) == '-')
data/bsdgames-2.17/monop/initdeck.c:240:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (getc(inf) != '\n')
data/bsdgames-2.17/monop/initdeck.c:243:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((c=getc(inf)) == EOF)
data/bsdgames-2.17/monop/initdeck.c:246:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  putc(c = getc(inf), outf);
data/bsdgames-2.17/monop/initdeck.c:247:21: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (num = 0; (c=getc(inf)) != EOF && c != '\n'; )
data/bsdgames-2.17/monop/malloc.c:147:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iov[1].iov_len = strlen(s);
data/bsdgames-2.17/monop/misc.c:106:21: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (sp = buf; (c=getchar()) != '\n'; *sp++ = c)
data/bsdgames-2.17/monop/monop.c:125:23: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (sp = buf; (*sp=getchar()) != '\n'; sp++)
data/bsdgames-2.17/morse/morse.c:159:17: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getchar()) != EOF) {
data/bsdgames-2.17/morse/morse.c:167:20: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getchar()) != EOF &&
data/bsdgames-2.17/morse/morse.c:195:21: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else while ((ch = getchar()) != EOF)
data/bsdgames-2.17/number/number.c:167:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((len = strlen(line)) > MAXNUM ||
data/bsdgames-2.17/number/number.c:168:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (fraction != NULL && (flen = strlen(fraction)) > MAXNUM))
data/bsdgames-2.17/phantasia/io.c:33:8: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getchar(); /* get character */
data/bsdgames-2.17/phantasia/io.c:196:9: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getchar();
data/bsdgames-2.17/phantasia/main.c:643:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvaddstr(2, 40 - strlen(Databuf) / 2, Databuf);
data/bsdgames-2.17/phantasia/main.c:655:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvaddstr(4, 40 - strlen(Databuf) / 2, Databuf);
data/bsdgames-2.17/phantasia/main.c:669:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvaddstr(6, 40 - strlen(Databuf) / 2, Databuf);
data/bsdgames-2.17/phantasia/main.c:685:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvaddstr(Lines++, 40 - strlen(Databuf) / 2, Databuf);
data/bsdgames-2.17/phantasia/main.c:716:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvaddstr(17, 40 - strlen(Databuf) / 2, Databuf);
data/bsdgames-2.17/phantasia/main.c:722:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvaddstr(20, 40 - strlen(Databuf) / 2, Databuf);
data/bsdgames-2.17/phantasia/misc.c:710:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(string);
data/bsdgames-2.17/phantasia/setup.c:87:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(0117); /* only owner can read/write created files */
data/bsdgames-2.17/phantasia/setup.c:167:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fwrite(Databuf, sizeof(char), strlen(Databuf), fp);
data/bsdgames-2.17/pig/pig.c:80:22: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    for (len = 0; (ch = getchar()) != EOF;) {
data/bsdgames-2.17/pom/pom.c:238:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    switch (strlen(p)) {
data/bsdgames-2.17/ppt/ppt.c:126:20: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    else while ((c = getchar()) != EOF)
data/bsdgames-2.17/quiz/quiz.c:144:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (qp->q_text && qp->q_text[strlen(qp->q_text) - 1] == '\\')
data/bsdgames-2.17/quiz/quiz.c:152:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(qp->q_text, lp, len);
data/bsdgames-2.17/quiz/quiz.c:346:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((m = malloc(strlen(s) + len + 1)) == NULL)
data/bsdgames-2.17/rain/rain.c:148:4: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    usleep(delay);
data/bsdgames-2.17/random/random.c:135:15: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while ((ch = getchar()) != EOF) {
data/bsdgames-2.17/robots/move.c:96:6: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name).
  The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    usleep(10000);
data/bsdgames-2.17/robots/move.c:100:9: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    c = getchar();
data/bsdgames-2.17/robots/move.c:103:24: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while (isdigit(c = getchar()))
data/bsdgames-2.17/robots/query.c:59:17: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    retval = ((c = getchar()) == 'y' || c == 'Y');
data/bsdgames-2.17/robots/score.c:65:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read(inf, &max_uid, sizeof max_uid) == sizeof max_uid) {
data/bsdgames-2.17/robots/score.c:68:3: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    read(inf, Top, sizeof Top);
data/bsdgames-2.17/robots/score.c:200:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(scp->s_name, pp->pw_name, MAXNAME);
data/bsdgames-2.17/sail/dr_2.c:172:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
    strcpy(movement, "d");
data/bsdgames-2.17/sail/dr_2.c:249:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((ma > 0 && ta > 0 && (n = str_end(temp)) != 'l' && n != 'r') || !strlen(temp)) {
data/bsdgames-2.17/sail/dr_2.c:250:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(temp, "r");
data/bsdgames-2.17/sail/dr_2.c:259:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((ma > 0 && ta > 0 && (n = str_end(temp)) != 'l' && n != 'r') || !strlen(temp)){
data/bsdgames-2.17/sail/dr_2.c:260:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(temp, "l");
data/bsdgames-2.17/sail/dr_3.c:93:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
    strcpy(sp->file->movebuf, "d");
data/bsdgames-2.17/sail/dr_3.c:96:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(sp->file->movebuf, "d");
data/bsdgames-2.17/sail/pl_5.c:150:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
    strcpy(movebuf, "d");
data/bsdgames-2.17/sail/pl_7.c:465:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    wmove(view_w, 4, (VIEW_X - strlen(cc->name)) / 2);
data/bsdgames-2.17/sail/pl_main.c:89:10: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while (getchar() != '\n')
data/bsdgames-2.17/sail/pl_main.c:159:12: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while (getchar() != '\n')
data/bsdgames-2.17/sail/pl_main.c:164:12: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while (getchar() != '\n')
data/bsdgames-2.17/sail/pl_main.c:204:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(captain, nameptr, sizeof captain);
data/bsdgames-2.17/sail/pl_main.c:212:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    captain[strlen(captain) - 1] = '\0';
data/bsdgames-2.17/sail/pl_main.c:222:3: [1] (buffer) scanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    scanf("%9s", buf);
data/bsdgames-2.17/sail/sync.c:157:18: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
    mode_t omask = umask(002);
data/bsdgames-2.17/sail/sync.c:159:3: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
    umask(omask);
data/bsdgames-2.17/sail/sync.c:257:20: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    switch (*p++ = getc(sync_fp)) {
data/bsdgames-2.17/snake/snake/snake.c:101:18: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    #define delay(t) usleep(t * 50000);
data/bsdgames-2.17/snake/snake/snake.c:540:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    read(rawscores, &allbscore, sizeof(short));
data/bsdgames-2.17/snake/snake/snake.c:541:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    read(rawscores, &allbwho, sizeof(short));
data/bsdgames-2.17/snake/snake/snake.c:543:2: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    read(rawscores, &oldbest, sizeof(short));
data/bsdgames-2.17/tetris/input.c:129:21: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (rwait(&tv) && read(0, &c, 1) != 1)
data/bsdgames-2.17/tetris/input.c:158:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read(0, &c, 1) != 1)
data/bsdgames-2.17/tetris/scores.c:114:9: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
    mask = umask(S_IWOTH);
data/bsdgames-2.17/tetris/scores.c:116:8: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
    (void)umask(mask);
data/bsdgames-2.17/tetris/scores.c:233:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = strlen(p);
data/bsdgames-2.17/tetris/scores.c:399:16: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while ((c = getchar()) != '\n')
data/bsdgames-2.17/tetris/scores.c:463:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 40 - strlen(buf); --i >= 0;)
data/bsdgames-2.17/tetris/screen.c:494:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(s);
data/bsdgames-2.17/tetris/tetris.c:153:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(keys = optarg) != 6)
data/bsdgames-2.17/tetris/tetris.c:314:14: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    while ((i = getchar()) != '\n')
data/bsdgames-2.17/trek/cgetc.c:47:11: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    return ( getchar() );
data/bsdgames-2.17/trek/dumpgame.c:130:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    read(fd, &version, sizeof version) != sizeof version ||
data/bsdgames-2.17/trek/dumpgame.c:166:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read(fd, &junk, sizeof junk) != (sizeof junk))
data/bsdgames-2.17/trek/dumpgame.c:171:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read(fd, d->area, i) != i)
data/bsdgames-2.17/trek/dumpgame.c:176:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    return (read(fd, &junk, 1));
data/bsdgames-2.17/trek/out.c:57:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (d->name[strlen(d->name) - 1] == 's')
data/bsdgames-2.17/worms/worms.c:299:5: [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    usleep(delay % 1000000);

ANALYSIS SUMMARY:

Hits = 1352
Lines analyzed = 112880 in approximately 3.63 seconds (31130 lines/second)
Physical Source Lines of Code (SLOC) = 81055
Hits@level = [0] 1208 [1] 340 [2] 619 [3] 175 [4] 216 [5] 2
Hits@level+ = [0+] 2560 [1+] 1352 [2+] 1012 [3+] 393 [4+] 218 [5+] 2
Hits/KSLOC@level+ = [0+] 31.5835 [1+] 16.68 [2+] 12.4853 [3+] 4.84856 [4+] 2.68953 [5+] 0.0246746
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.