Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/camlidl-1.09/runtime/camlidlruntime.h
Examining data/camlidl-1.09/runtime/cfactory.cpp
Examining data/camlidl-1.09/runtime/comerror.c
Examining data/camlidl-1.09/runtime/comintf.c
Examining data/camlidl-1.09/runtime/comstuff.h
Examining data/camlidl-1.09/runtime/dispatch.c
Examining data/camlidl-1.09/runtime/idlalloc.c
Examining data/camlidl-1.09/runtime/oletypes.c
Examining data/camlidl-1.09/runtime/registry.cpp
Examining data/camlidl-1.09/runtime/registry.h
Examining data/camlidl-1.09/runtime/superror.cpp
Examining data/camlidl-1.09/tests/comcomp.c
Examining data/camlidl-1.09/tests/comcomp.cpp
Examining data/camlidl-1.09/tests/comcomp.h
Examining data/camlidl-1.09/tests/comp/CLIENT.CPP
Examining data/camlidl-1.09/tests/comp/CMPNT.CPP
Examining data/camlidl-1.09/tests/comp/GUIDS.CPP
Examining data/camlidl-1.09/tests/comp/IFACE.H
Examining data/camlidl-1.09/tests/comp/REGISTRY.CPP
Examining data/camlidl-1.09/tests/comp/REGISTRY.H
Examining data/camlidl-1.09/tests/dispatch/CFACTORY.CPP
Examining data/camlidl-1.09/tests/dispatch/CFACTORY.H
Examining data/camlidl-1.09/tests/dispatch/CLIENT.CPP
Examining data/camlidl-1.09/tests/dispatch/CMPNT.CPP
Examining data/camlidl-1.09/tests/dispatch/CMPNT.H
Examining data/camlidl-1.09/tests/dispatch/CUNKNOWN.CPP
Examining data/camlidl-1.09/tests/dispatch/CUNKNOWN.H
Examining data/camlidl-1.09/tests/dispatch/DCLIENT.CPP
Examining data/camlidl-1.09/tests/dispatch/IFACE.H
Examining data/camlidl-1.09/tests/dispatch/REGISTRY.CPP
Examining data/camlidl-1.09/tests/dispatch/REGISTRY.H
Examining data/camlidl-1.09/tests/dispatch/SERVER.CPP
Examining data/camlidl-1.09/tests/dispatch/UTIL.CPP
Examining data/camlidl-1.09/tools/camlidlcompat.h

FINAL RESULTS:

data/camlidl-1.09/runtime/dispatch.c:113:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(resname, "%s\\%d", module_path, i);
data/camlidl-1.09/runtime/registry.cpp:66:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKey, szCLSID) ;
data/camlidl-1.09/runtime/registry.cpp:107:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKey, szCLSID) ;
data/camlidl-1.09/runtime/registry.cpp:203:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(szKeyBuf, szKey) ;
data/camlidl-1.09/runtime/registry.cpp:209:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKeyBuf, szSubkey ) ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:65:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKey, szCLSID) ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:106:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKey, szCLSID) ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:202:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(szKeyBuf, szKey) ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:208:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKeyBuf, szSubkey ) ;
data/camlidl-1.09/tests/dispatch/CMPNT.CPP:169:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(szTypeLibFullName,
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:70:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKey, szCLSID) ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:120:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKey, szCLSID) ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:232:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(szKeyBuf, pszPath) ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:238:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKeyBuf, szSubkey ) ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:268:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(szKeyBuf, szKey) ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:274:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(szKeyBuf, szSubkey ) ;
data/camlidl-1.09/tests/dispatch/UTIL.CPP:45:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "%s: \t%s", szLabel, szText) ;
data/camlidl-1.09/tests/dispatch/UTIL.CPP:72:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "Error (%x): %s", hr, (char*)pMsgBuf) ;
data/camlidl-1.09/runtime/camlidlruntime.h:68:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char Data4[8];
data/camlidl-1.09/runtime/cfactory.cpp:205:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  int fd = open("/tmp/camllog", O_RDWR|O_TRUNC|O_CREAT, _S_IWRITE|_S_IREAD);
data/camlidl-1.09/runtime/comerror.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[1024];
data/camlidl-1.09/runtime/comerror.c:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char who[1024], what[1024];
data/camlidl-1.09/runtime/dispatch.c:100:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char module_path[_MAX_PATH];
data/camlidl-1.09/runtime/dispatch.c:101:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char resname[_MAX_PATH + 4];
data/camlidl-1.09/runtime/dispatch.c:102:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t wresname[_MAX_PATH + 4];
data/camlidl-1.09/runtime/idlalloc.c:116:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(res, String_val(mlstring), len + 1);
data/camlidl-1.09/runtime/registry.cpp:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szModule[512] ;
data/camlidl-1.09/runtime/registry.cpp:60:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szCLSID[CLSID_STRING_SIZE] ;
data/camlidl-1.09/runtime/registry.cpp:64:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKey[64] ;
data/camlidl-1.09/runtime/registry.cpp:65:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(szKey, "CLSID\\") ;
data/camlidl-1.09/runtime/registry.cpp:101:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szCLSID[CLSID_STRING_SIZE] ;
data/camlidl-1.09/runtime/registry.cpp:105:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKey[64] ;
data/camlidl-1.09/runtime/registry.cpp:106:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(szKey, "CLSID\\") ;
data/camlidl-1.09/runtime/registry.cpp:167:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szBuffer[256] ;
data/camlidl-1.09/runtime/registry.cpp:200:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKeyBuf[1024] ;
data/camlidl-1.09/tests/comcomp.c:7:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef struct { unsigned char data[16]; } IID;
data/camlidl-1.09/tests/comcomp.cpp:19:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef struct { unsigned char data[16]; } IID;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:51:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szModule[512] ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:59:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szCLSID[CLSID_STRING_SIZE] ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:63:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKey[64] ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:64:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(szKey, "CLSID\\") ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:100:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szCLSID[CLSID_STRING_SIZE] ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:104:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKey[64] ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:105:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(szKey, "CLSID\\") ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:166:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szBuffer[256] ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:199:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKeyBuf[1024] ;
data/camlidl-1.09/tests/dispatch/CMPNT.CPP:157:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szModule[512] ;
data/camlidl-1.09/tests/dispatch/CMPNT.CPP:163:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szDrive[_MAX_DRIVE];
data/camlidl-1.09/tests/dispatch/CMPNT.CPP:164:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szDir[_MAX_DIR];
data/camlidl-1.09/tests/dispatch/CMPNT.CPP:168:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szTypeLibFullName[_MAX_PATH];
data/camlidl-1.09/tests/dispatch/CMPNT.CPP:176:4:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t wszTypeLibFullName[_MAX_PATH] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:56:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szModule[512] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:64:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szCLSID[GUID_STRING_SIZE] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:68:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKey[64] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:69:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(szKey, "CLSID\\") ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:90:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szLIBID[GUID_STRING_SIZE] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:114:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szCLSID[GUID_STRING_SIZE] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:118:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKey[80] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:119:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(szKey, "CLSID\\") ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:131:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(szKey, "\\LocalServer32") ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:133:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(szKey, "\\InprocServer32") ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:199:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szBuffer[256] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:229:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKeyBuf[80] ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:265:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szKeyBuf[1024] ;
data/camlidl-1.09/tests/dispatch/UTIL.CPP:44:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256] ;
data/camlidl-1.09/tests/dispatch/UTIL.CPP:71:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256] ;
data/camlidl-1.09/runtime/comerror.c:141:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wstrlen = strlen(methname);
data/camlidl-1.09/runtime/comerror.c:150:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wstrlen = strlen(exndesc);
data/camlidl-1.09/runtime/registry.cpp:208:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(szKeyBuf, "\\") ;
data/camlidl-1.09/runtime/registry.cpp:228:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(szValue)+1) ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:207:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(szKeyBuf, "\\") ;
data/camlidl-1.09/tests/comp/REGISTRY.CPP:227:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(szValue)+1) ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:237:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(szKeyBuf, "\\") ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:273:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(szKeyBuf, "\\") ;
data/camlidl-1.09/tests/dispatch/REGISTRY.CPP:293:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(szValue)+1) ;
data/camlidl-1.09/tests/dispatch/UTIL.CPP:89:16:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int iLength = wcslen(wsz)+1 ;

ANALYSIS SUMMARY:

Hits = 76
Lines analyzed = 4995 in approximately 0.15 seconds (33967 lines/second)
Physical Source Lines of Code (SLOC) = 3280
Hits@level = [0]  47 [1]  10 [2]  48 [3]   0 [4]  18 [5]   0
Hits@level+ = [0+] 123 [1+]  76 [2+]  66 [3+]  18 [4+]  18 [5+]   0
Hits/KSLOC@level+ = [0+] 37.5 [1+] 23.1707 [2+] 20.122 [3+] 5.4878 [4+] 5.4878 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.