Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cmph-2.0.2/examples/small_set_ex4.c
Examining data/cmph-2.0.2/examples/file_adapter_ex2.c
Examining data/cmph-2.0.2/examples/struct_vector_adapter_ex3.c
Examining data/cmph-2.0.2/examples/vector_adapter_ex1.c
Examining data/cmph-2.0.2/src/buffer_manager.c
Examining data/cmph-2.0.2/src/miller_rabin.c
Examining data/cmph-2.0.2/src/bmz.c
Examining data/cmph-2.0.2/src/fnv_hash.c
Examining data/cmph-2.0.2/src/compressed_seq.h
Examining data/cmph-2.0.2/src/select.h
Examining data/cmph-2.0.2/src/chd.h
Examining data/cmph-2.0.2/src/vqueue.h
Examining data/cmph-2.0.2/src/chm_structs.h
Examining data/cmph-2.0.2/src/bdz_ph.c
Examining data/cmph-2.0.2/src/compressed_rank.c
Examining data/cmph-2.0.2/src/select_lookup_tables.h
Examining data/cmph-2.0.2/src/bmz8.h
Examining data/cmph-2.0.2/src/chm.c
Examining data/cmph-2.0.2/src/bdz_structs.h
Examining data/cmph-2.0.2/src/hashtree.h
Examining data/cmph-2.0.2/src/sdbm_hash.c
Examining data/cmph-2.0.2/src/brz.c
Examining data/cmph-2.0.2/src/select.c
Examining data/cmph-2.0.2/src/bmz8_structs.h
Examining data/cmph-2.0.2/src/vstack.h
Examining data/cmph-2.0.2/src/bdz.h
Examining data/cmph-2.0.2/src/wingetopt.c
Examining data/cmph-2.0.2/src/cmph_structs.h
Examining data/cmph-2.0.2/src/vqueue.c
Examining data/cmph-2.0.2/src/fch_buckets.c
Examining data/cmph-2.0.2/src/fch_buckets.h
Examining data/cmph-2.0.2/src/chd_structs_ph.h
Examining data/cmph-2.0.2/src/sdbm_hash.h
Examining data/cmph-2.0.2/src/buffer_manage.h
Examining data/cmph-2.0.2/src/miller_rabin.h
Examining data/cmph-2.0.2/src/hash_state.h
Examining data/cmph-2.0.2/src/chd_structs.h
Examining data/cmph-2.0.2/src/buffer_manage.c
Examining data/cmph-2.0.2/src/brz_structs.h
Examining data/cmph-2.0.2/src/bitbool.h
Examining data/cmph-2.0.2/src/cmph.c
Examining data/cmph-2.0.2/src/jenkins_hash.c
Examining data/cmph-2.0.2/src/chd.c
Examining data/cmph-2.0.2/src/jenkins_hash.h
Examining data/cmph-2.0.2/src/hash.c
Examining data/cmph-2.0.2/src/hashtree_structs.h
Examining data/cmph-2.0.2/src/bdz_ph.h
Examining data/cmph-2.0.2/src/chd_ph.c
Examining data/cmph-2.0.2/src/cmph_structs.c
Examining data/cmph-2.0.2/src/djb2_hash.c
Examining data/cmph-2.0.2/src/hashtree.c
Examining data/cmph-2.0.2/src/cmph_benchmark.h
Examining data/cmph-2.0.2/src/fnv_hash.h
Examining data/cmph-2.0.2/src/vstack.c
Examining data/cmph-2.0.2/src/fch.c
Examining data/cmph-2.0.2/src/hash.h
Examining data/cmph-2.0.2/src/brz.h
Examining data/cmph-2.0.2/src/graph.h
Examining data/cmph-2.0.2/src/graph.c
Examining data/cmph-2.0.2/src/linear_string_map.h
Examining data/cmph-2.0.2/src/bm_numbers.c
Examining data/cmph-2.0.2/src/cmph.h
Examining data/cmph-2.0.2/src/chd_ph.h
Examining data/cmph-2.0.2/src/bdz.c
Examining data/cmph-2.0.2/src/buffer_manager.h
Examining data/cmph-2.0.2/src/fch.h
Examining data/cmph-2.0.2/src/main.c
Examining data/cmph-2.0.2/src/djb2_hash.h
Examining data/cmph-2.0.2/src/bdz_structs_ph.h
Examining data/cmph-2.0.2/src/buffer_entry.h
Examining data/cmph-2.0.2/src/cmph_types.h
Examining data/cmph-2.0.2/src/linear_string_map.c
Examining data/cmph-2.0.2/src/bmz.h
Examining data/cmph-2.0.2/src/bmz8.c
Examining data/cmph-2.0.2/src/compressed_rank.h
Examining data/cmph-2.0.2/src/fch_structs.h
Examining data/cmph-2.0.2/src/buffer_entry.c
Examining data/cmph-2.0.2/src/cmph_time.h
Examining data/cmph-2.0.2/src/cmph_benchmark.c
Examining data/cmph-2.0.2/src/bdz_gen_lookup_table.c
Examining data/cmph-2.0.2/src/wingetopt.h
Examining data/cmph-2.0.2/src/bmz_structs.h
Examining data/cmph-2.0.2/src/chm.h
Examining data/cmph-2.0.2/src/compressed_seq.c
Examining data/cmph-2.0.2/src/debug.h
Examining data/cmph-2.0.2/tests/cmph_benchmark_test.c
Examining data/cmph-2.0.2/tests/mphf_tests.c
Examining data/cmph-2.0.2/tests/packed_mphf_tests.c
Examining data/cmph-2.0.2/tests/compressed_rank_tests.c
Examining data/cmph-2.0.2/tests/compressed_seq_tests.c
Examining data/cmph-2.0.2/tests/select_tests.c
Examining data/cmph-2.0.2/tests/graph_tests.c
Examining data/cmph-2.0.2/cxxmph/benchmark.h
Examining data/cmph-2.0.2/cxxmph/cxxmph.cc
Examining data/cmph-2.0.2/cxxmph/mph_map_test.cc
Examining data/cmph-2.0.2/cxxmph/mph_index.h
Examining data/cmph-2.0.2/cxxmph/test_test.cc
Examining data/cmph-2.0.2/cxxmph/string_util.h
Examining data/cmph-2.0.2/cxxmph/hollow_iterator.h
Examining data/cmph-2.0.2/cxxmph/string_util_test.cc
Examining data/cmph-2.0.2/cxxmph/bm_common.h
Examining data/cmph-2.0.2/cxxmph/stringpiece.h
Examining data/cmph-2.0.2/cxxmph/mph_index.cc
Examining data/cmph-2.0.2/cxxmph/test.h
Examining data/cmph-2.0.2/cxxmph/bm_common.cc
Examining data/cmph-2.0.2/cxxmph/trigraph_test.cc
Examining data/cmph-2.0.2/cxxmph/trigraph.cc
Examining data/cmph-2.0.2/cxxmph/MurmurHash3.h
Examining data/cmph-2.0.2/cxxmph/mph_bits.cc
Examining data/cmph-2.0.2/cxxmph/mph_bits_test.cc
Examining data/cmph-2.0.2/cxxmph/mph_index_test.cc
Examining data/cmph-2.0.2/cxxmph/map_tester_test.cc
Examining data/cmph-2.0.2/cxxmph/mph_bits.h
Examining data/cmph-2.0.2/cxxmph/bm_index.cc
Examining data/cmph-2.0.2/cxxmph/hollow_iterator_test.cc
Examining data/cmph-2.0.2/cxxmph/bm_map.cc
Examining data/cmph-2.0.2/cxxmph/string_util.cc
Examining data/cmph-2.0.2/cxxmph/MurmurHash3.cpp
Examining data/cmph-2.0.2/cxxmph/seeded_hash.h
Examining data/cmph-2.0.2/cxxmph/benchmark.cc
Examining data/cmph-2.0.2/cxxmph/seeded_hash_test.cc
Examining data/cmph-2.0.2/cxxmph/test.cc
Examining data/cmph-2.0.2/cxxmph/dense_hash_map_test.cc
Examining data/cmph-2.0.2/cxxmph/mph_map.h
Examining data/cmph-2.0.2/cxxmph/map_tester.cc
Examining data/cmph-2.0.2/cxxmph/map_tester.h
Examining data/cmph-2.0.2/cxxmph/trigraph.h
FINAL RESULTS:
data/cmph-2.0.2/cxxmph/string_util.h:68:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return snprintf(str, size, format, v);
data/cmph-2.0.2/examples/small_set_ex4.c:22:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s_%u.mph", cmph_names[alg_n], items_len);
data/cmph-2.0.2/src/brz.c:88:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)(brz->tmp_dir), "%s/", (char *)tmp_dir);
data/cmph-2.0.2/src/brz.c:93:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)(brz->tmp_dir), "%s", (char *)tmp_dir);
data/cmph-2.0.2/src/brz.c:296:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s%u.cmph",brz->tmp_dir, nflushes);
data/cmph-2.0.2/src/brz.c:356:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s%u.cmph",brz->tmp_dir, nflushes);
data/cmph-2.0.2/src/brz.c:398:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s%u.cmph",brz->tmp_dir, i);
data/cmph-2.0.2/src/cmph.c:120:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*key, keys_vd[cmph_vector->position]);
data/cmph-2.0.2/src/debug.h:32:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stdout, f, ap);
data/cmph-2.0.2/src/debug.h:45:77: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUGP(args...) do { fprintf(stdout, "%s:%d ", __FILE__, __LINE__); fprintf(stdout, ## args); } while(0)
data/cmph-2.0.2/cxxmph/bm_common.cc:43:24: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random_[i] = urls_[random() % urls_.size()];
data/cmph-2.0.2/cxxmph/bm_common.cc:44:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (random() < miss_ratio_int32) {
data/cmph-2.0.2/cxxmph/bm_common.cc:57:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
do { v = random(); } while (unique.find(v) != unique.end());
data/cmph-2.0.2/cxxmph/bm_common.cc:69:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint32_t pos = random() % values_.size();
data/cmph-2.0.2/cxxmph/bm_map.cc:101:3: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(4);
data/cmph-2.0.2/cxxmph/cxxmph.cc:38:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
char ch = (char)getopt(argc, argv, "hvV");
data/cmph-2.0.2/cxxmph/mph_index.h:149:49: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
for (int i = 0; i < 3; ++i) hash_seed_[i] = random();
data/cmph-2.0.2/cxxmph/mph_index_test.cc:14:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(1);
data/cmph-2.0.2/src/bm_numbers.c:17:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
cmph_uint32 v = random();
data/cmph-2.0.2/src/bm_numbers.c:18:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
while (GETBIT(dup, v % dup_bits)) { v = random(); }
data/cmph-2.0.2/src/bm_numbers.c:81:23: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
cmph_uint32 pos = random() % iters;
data/cmph-2.0.2/src/main.c:91:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
char ch = (char)getopt(argc, argv, "hVvgc:k:a:M:b:t:f:m:d:s:");
data/cmph-2.0.2/src/main.c:228:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/cmph-2.0.2/src/wingetopt.c:84:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc, char *argv[], char *opstring)
data/cmph-2.0.2/src/wingetopt.h:18:6: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc, char *argv[], char *opstring);
data/cmph-2.0.2/tests/mphf_tests.c:51:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
char ch = (char)getopt(argc, argv, "hVvk:m:");
data/cmph-2.0.2/tests/packed_mphf_tests.c:56:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
char ch = (char)getopt(argc, argv, "hVvt:k:m:");
data/cmph-2.0.2/cxxmph/benchmark.cc:82:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/cmph-2.0.2/cxxmph/bm_index.cc:84:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f = fopen(urls_file_.c_str(), "r");
data/cmph-2.0.2/cxxmph/string_util.h:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256]; // Is this enough?
data/cmph-2.0.2/examples/file_adapter_ex2.c:8:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * keys_fd = fopen("keys.txt", "r");
data/cmph-2.0.2/examples/small_set_ex4.c:9:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/cmph-2.0.2/examples/small_set_ex4.c:23:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen(filename, "w");
data/cmph-2.0.2/examples/small_set_ex4.c:33:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen(filename, "r");
data/cmph-2.0.2/examples/struct_vector_adapter_ex3.c:8:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[11];
data/cmph-2.0.2/examples/struct_vector_adapter_ex3.c:22:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* mphf_fd = fopen("temp_struct_vector.mph", "wb");
data/cmph-2.0.2/examples/struct_vector_adapter_ex3.c:37:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen("temp_struct_vector.mph", "rb");
data/cmph-2.0.2/examples/vector_adapter_ex1.c:12:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* mphf_fd = fopen("temp.mph", "wb");
data/cmph-2.0.2/examples/vector_adapter_ex1.c:27:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen("temp.mph", "rb");
data/cmph-2.0.2/src/bdz.c:653:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->ranktable, sizeof(cmph_uint32)*(data->ranktablesize));
data/cmph-2.0.2/src/bdz.c:661:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->g, sizeof(cmph_uint8)*sizeg);
data/cmph-2.0.2/src/bdz_gen_lookup_table.c:13:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int n = atoi(argv[1]);
data/cmph-2.0.2/src/bdz_gen_lookup_table.c:14:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int wordsize = (atoi(argv[2]) >> 1);
data/cmph-2.0.2/src/bdz_ph.c:572:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->g, sizeof(cmph_uint8)*sizeg);
data/cmph-2.0.2/src/bm_numbers.c:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mphf_name[128];
data/cmph-2.0.2/src/bmz.c:588:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->g, sizeof(cmph_uint32)*data->n);
data/cmph-2.0.2/src/bmz8.c:594:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->g, sizeof(cmph_uint8)*data->n);
data/cmph-2.0.2/src/brz.c:46:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)(brz->tmp_dir), "/var/tmp/");
data/cmph-2.0.2/src/brz.c:297:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_fd = fopen(filename, "wb");
data/cmph-2.0.2/src/brz.c:312:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + memory_usage, &keylen, sizeof(keylen));
data/cmph-2.0.2/src/brz.c:313:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + memory_usage + sizeof(keylen), key, (size_t)keylen);
data/cmph-2.0.2/src/brz.c:357:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_fd = fopen(filename, "wb");
data/cmph-2.0.2/src/brz.c:543:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &buflenh1, sizeof(cmph_uint32));
data/cmph-2.0.2/src/brz.c:544:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+sizeof(cmph_uint32), bufh1, (size_t)buflenh1);
data/cmph-2.0.2/src/brz.c:545:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+sizeof(cmph_uint32)+buflenh1, &buflenh2, sizeof(cmph_uint32));
data/cmph-2.0.2/src/brz.c:546:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+2*sizeof(cmph_uint32)+buflenh1, bufh2, (size_t)buflenh2);
data/cmph-2.0.2/src/brz.c:547:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
for (i = 0; i < n; i++) memcpy(buf+2*sizeof(cmph_uint32)+buflenh1+buflenh2+i,(fchf->g + i), (size_t)1);
data/cmph-2.0.2/src/brz.c:564:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &buflenh1, sizeof(cmph_uint32));
data/cmph-2.0.2/src/brz.c:565:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+sizeof(cmph_uint32), bufh1, (size_t)buflenh1);
data/cmph-2.0.2/src/brz.c:566:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+sizeof(cmph_uint32)+buflenh1, &buflenh2, sizeof(cmph_uint32));
data/cmph-2.0.2/src/brz.c:567:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+2*sizeof(cmph_uint32)+buflenh1, bufh2, (size_t)buflenh2);
data/cmph-2.0.2/src/brz.c:568:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+2*sizeof(cmph_uint32)+buflenh1+buflenh2,bmzf->g, (size_t)n);
data/cmph-2.0.2/src/brz.c:755:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &(data->algo), sizeof(data->algo));
data/cmph-2.0.2/src/brz.c:760:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &h0_type, sizeof(h0_type));
data/cmph-2.0.2/src/brz.c:768:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &(data->k), sizeof(data->k));
data/cmph-2.0.2/src/brz.c:777:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &h1_type, sizeof(h1_type));
data/cmph-2.0.2/src/brz.c:782:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &h2_type, sizeof(h2_type));
data/cmph-2.0.2/src/brz.c:786:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->size, sizeof(cmph_uint8)*data->k);
data/cmph-2.0.2/src/brz.c:790:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->offset, sizeof(cmph_uint32)*data->k);
data/cmph-2.0.2/src/brz.c:827:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(g_i, data->g[i], sizeof(cmph_uint8)*n);
data/cmph-2.0.2/src/buffer_entry.c:32:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer_entry->fd = fopen(filename, "rb");
data/cmph-2.0.2/src/buffer_entry.c:69:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (copied_bytes != 0) memcpy(keylen, buffer_entry->buff + buffer_entry->pos, (size_t)copied_bytes);
data/cmph-2.0.2/src/buffer_entry.c:72:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keylen + copied_bytes, buffer_entry->buff + buffer_entry->pos, (size_t)lacked_bytes);
data/cmph-2.0.2/src/buffer_entry.c:78:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, keylen, sizeof(*keylen));
data/cmph-2.0.2/src/buffer_entry.c:83:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(*keylen), buffer_entry->buff + buffer_entry->pos, (size_t)copied_bytes);
data/cmph-2.0.2/src/buffer_entry.c:87:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+sizeof(*keylen)+copied_bytes, buffer_entry->buff + buffer_entry->pos, (size_t)lacked_bytes);
data/cmph-2.0.2/src/chd.c:246:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr8, data->packed_cr, data->packed_cr_size);
data/cmph-2.0.2/src/chd.c:253:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr8, data->packed_chd_phf, data->packed_chd_phf_size);
data/cmph-2.0.2/src/chm.c:335:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->g, sizeof(cmph_uint32)*data->n);
data/cmph-2.0.2/src/cmph.c:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/cmph-2.0.2/src/cmph.c:68:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*key + *keylen, buf, strlen(buf));
data/cmph-2.0.2/src/cmph.c:86:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keylen, keys_vd[cmph_vector->position], sizeof(*keylen));
data/cmph-2.0.2/src/cmph.c:89:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*key, keys_vd[cmph_vector->position] + sizeof(*keylen), size);
data/cmph-2.0.2/src/cmph.c:107:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*key, keys_vd + keys_vd_offset, size);
data/cmph-2.0.2/src/cmph.c:162:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/cmph-2.0.2/src/cmph_structs.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char algo_name[BUFSIZ];
data/cmph-2.0.2/src/compressed_rank.c:146:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, &(cr->max_val), sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &(cr->n), sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:154:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &(cr->rem_r), sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:160:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &buflen_sel, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:164:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, buf_sel, buflen_sel);
data/cmph-2.0.2/src/compressed_rank.c:178:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, cr->vals_rems, vals_rems_size);
data/cmph-2.0.2/src/compressed_rank.c:197:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cr->max_val), buf, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:201:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cr->n), buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:205:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cr->rem_r), buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:210:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buflen_sel, buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_rank.c:232:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cr->vals_rems, buf + pos, vals_rems_size);
data/cmph-2.0.2/src/compressed_rank.c:254:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cr_packed, buf, buflen);
data/cmph-2.0.2/src/compressed_seq.c:185:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, &(cs->n), sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:189:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &(cs->rem_r), sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:193:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &(cs->total_length), sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:200:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &buflen_sel, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:204:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, buf_sel, buflen_sel);
data/cmph-2.0.2/src/compressed_seq.c:217:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, cs->length_rems, length_rems_size);
data/cmph-2.0.2/src/compressed_seq.c:227:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, cs->store_table, store_table_size);
data/cmph-2.0.2/src/compressed_seq.c:246:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cs->n), buf, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:250:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cs->rem_r), buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:254:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(cs->total_length), buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:259:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buflen_sel, buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/compressed_seq.c:281:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cs->length_rems, buf + pos, length_rems_size);
data/cmph-2.0.2/src/compressed_seq.c:299:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cs->store_table, buf + pos, store_table_size);
data/cmph-2.0.2/src/compressed_seq.c:318:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cs_packed, buf, buflen);
data/cmph-2.0.2/src/debug.h:30:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f, p, plen);
data/cmph-2.0.2/src/debug.h:31:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f + plen, format, strlen(format) + 1);
data/cmph-2.0.2/src/fch.c:463:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, data->g, sizeof(cmph_uint32)*(data->b));
data/cmph-2.0.2/src/hash.c:69:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
*buf = (char *)malloc(strlen(cmph_hash_names[state->hashfunc]) + 1 + *buflen);
data/cmph-2.0.2/src/hash.c:70:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, cmph_hash_names[state->hashfunc], strlen(cmph_hash_names[state->hashfunc]) + 1);
data/cmph-2.0.2/src/hash.c:73:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + strlen(cmph_hash_names[state->hashfunc]) + 1, algobuf, len);
data/cmph-2.0.2/src/jenkins_hash.c:231:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, &(state->seed), sizeof(cmph_uint32));
data/cmph-2.0.2/src/jenkins_hash.c:263:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(jenkins_packed, &(state->seed), sizeof(cmph_uint32));
data/cmph-2.0.2/src/main.c:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mphf_file, keys_file, strlen(keys_file));
data/cmph-2.0.2/src/main.c:234:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mphf_file + strlen(keys_file), ".mph\0", (size_t)5);
data/cmph-2.0.2/src/main.c:237:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keys_fd = fopen(keys_file, "r");
data/cmph-2.0.2/src/main.c:251:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen(mphf_file, "wb");
data/cmph-2.0.2/src/main.c:289:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen(mphf_file, "rb");
data/cmph-2.0.2/src/select.c:239:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, &(sel->n), sizeof(cmph_uint32));
data/cmph-2.0.2/src/select.c:241:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, &(sel->m), sizeof(cmph_uint32));
data/cmph-2.0.2/src/select.c:243:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, sel->bits_vec, vec_size);
data/cmph-2.0.2/src/select.c:245:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf + pos, sel->select_table, sel_table_size);
data/cmph-2.0.2/src/select.c:257:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(sel->n), buf, sizeof(cmph_uint32));
data/cmph-2.0.2/src/select.c:259:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(sel->m), buf + pos, sizeof(cmph_uint32));
data/cmph-2.0.2/src/select.c:278:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sel->bits_vec, buf + pos, vec_size);
data/cmph-2.0.2/src/select.c:280:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sel->select_table, buf + pos, sel_table_size);
data/cmph-2.0.2/src/select.c:298:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sel_packed, buf, buflen);
data/cmph-2.0.2/tests/mphf_tests.c:94:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mphf_file, keys_file, strlen(keys_file));
data/cmph-2.0.2/tests/mphf_tests.c:95:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mphf_file + strlen(keys_file), ".mph\0", (size_t)5);
data/cmph-2.0.2/tests/mphf_tests.c:98:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keys_fd = fopen(keys_file, "r");
data/cmph-2.0.2/tests/mphf_tests.c:110:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen(mphf_file, "rb");
data/cmph-2.0.2/tests/packed_mphf_tests.c:109:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mphf_file, keys_file, strlen(keys_file));
data/cmph-2.0.2/tests/packed_mphf_tests.c:110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mphf_file + strlen(keys_file), ".mph\0", (size_t)5);
data/cmph-2.0.2/tests/packed_mphf_tests.c:113:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keys_fd = fopen(keys_file, "r");
data/cmph-2.0.2/tests/packed_mphf_tests.c:125:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mphf_fd = fopen(mphf_file, "rb");
data/cmph-2.0.2/cxxmph/mph_map.h:131:43: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return lhs.size() == rhs.size() && std::equal(lhs.begin(), lhs.end(), rhs.begin());
data/cmph-2.0.2/cxxmph/stringpiece.h:40:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
: ptr_(str), length_((str == NULL) ? 0 : static_cast<int>(strlen(str))) { }
data/cmph-2.0.2/cxxmph/stringpiece.h:59:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length_ = static_cast<int>(strlen(str));
data/cmph-2.0.2/examples/file_adapter_ex2.c:25:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int id = cmph_search(hash, key, (cmph_uint32)strlen(key));
data/cmph-2.0.2/examples/vector_adapter_ex1.c:31:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int id = cmph_search(hash, key, (cmph_uint32)strlen(key));
data/cmph-2.0.2/src/bdz.c:413:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/bdz_ph.c:371:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/bmz.c:434:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/bmz8.c:441:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/brz.c:83:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen((char *)tmp_dir);
data/cmph-2.0.2/src/brz.c:264:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/brz.c:295:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = (char *)calloc(strlen((char *)(brz->tmp_dir)) + 11, sizeof(char));
data/cmph-2.0.2/src/brz.c:355:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = (char *)calloc(strlen((char *)(brz->tmp_dir)) + 11, sizeof(char));
data/cmph-2.0.2/src/brz.c:382:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nbytes = fwrite(cmph_names[CMPH_BRZ], (size_t)(strlen(cmph_names[CMPH_BRZ]) + 1), (size_t)1, brz->mphf_fd);
data/cmph-2.0.2/src/brz.c:397:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = (char *)calloc(strlen((char *)(brz->tmp_dir)) + 11, sizeof(char));
data/cmph-2.0.2/src/chd_ph.c:239:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/chm.c:180:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/cmph.c:67:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*key = (char *)realloc(*key, *keylen + strlen(buf) + 1);
data/cmph-2.0.2/src/cmph.c:68:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(*key + *keylen, buf, strlen(buf));
data/cmph-2.0.2/src/cmph.c:69:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*keylen += (cmph_uint32)strlen(buf);
data/cmph-2.0.2/src/cmph.c:70:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[strlen(buf) - 1] != '\n') continue;
data/cmph-2.0.2/src/cmph.c:117:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*keylen = (cmph_uint32)strlen(keys_vd[cmph_vector->position]);
data/cmph-2.0.2/src/cmph.c:169:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[strlen(buf) - 1] != '\n') continue;
data/cmph-2.0.2/src/cmph.h:21:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read)(void *, char **, cmph_uint32 *);
data/cmph-2.0.2/src/cmph_structs.c:28:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nbytes = fwrite(cmph_names[mphf->algo], (size_t)(strlen(cmph_names[mphf->algo]) + 1), (size_t)1, fd);
data/cmph-2.0.2/src/debug.h:26:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t plen = strlen(p);
data/cmph-2.0.2/src/debug.h:28:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f = (char *)malloc(plen + strlen(format) + 1);
data/cmph-2.0.2/src/debug.h:31:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(f + plen, format, strlen(format) + 1);
data/cmph-2.0.2/src/fch.c:103:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/hash.c:69:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*buf = (char *)malloc(strlen(cmph_hash_names[state->hashfunc]) + 1 + *buflen);
data/cmph-2.0.2/src/hash.c:70:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(*buf, cmph_hash_names[state->hashfunc], strlen(cmph_hash_names[state->hashfunc]) + 1);
data/cmph-2.0.2/src/hash.c:73:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(*buf + strlen(cmph_hash_names[state->hashfunc]) + 1, algobuf, len);
data/cmph-2.0.2/src/hash.c:74:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*buflen = (cmph_uint32)strlen(cmph_hash_names[state->hashfunc]) + 1 + *buflen;
data/cmph-2.0.2/src/hash.c:109:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset = (cmph_uint32)strlen(cmph_hash_names[hashfunc]) + 1;
data/cmph-2.0.2/src/hashtree.c:175:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mph->key_source->read(mph->key_source->data, &key, &keylen);
data/cmph-2.0.2/src/main.c:232:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mphf_file = (char *)malloc(strlen(keys_file) + 5);
data/cmph-2.0.2/src/main.c:233:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(mphf_file, keys_file, strlen(keys_file));
data/cmph-2.0.2/src/main.c:234:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(mphf_file + strlen(keys_file), ".mph\0", (size_t)5);
data/cmph-2.0.2/src/main.c:313:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
source->read(source->data, &buf, &buflen);
data/cmph-2.0.2/tests/mphf_tests.c:93:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mphf_file = (char *)malloc(strlen(keys_file) + 5);
data/cmph-2.0.2/tests/mphf_tests.c:94:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(mphf_file, keys_file, strlen(keys_file));
data/cmph-2.0.2/tests/mphf_tests.c:95:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(mphf_file + strlen(keys_file), ".mph\0", (size_t)5);
data/cmph-2.0.2/tests/mphf_tests.c:134:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
source->read(source->data, &buf, &buflen);
data/cmph-2.0.2/tests/packed_mphf_tests.c:108:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mphf_file = (char *)malloc(strlen(keys_file) + 5);
data/cmph-2.0.2/tests/packed_mphf_tests.c:109:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(mphf_file, keys_file, strlen(keys_file));
data/cmph-2.0.2/tests/packed_mphf_tests.c:110:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(mphf_file + strlen(keys_file), ".mph\0", (size_t)5);
data/cmph-2.0.2/tests/packed_mphf_tests.c:168:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
source->read(source->data, &buf, &buflen);
ANALYSIS SUMMARY:
Hits = 189
Lines analyzed = 16626 in approximately 0.57 seconds (29086 lines/second)
Physical Source Lines of Code (SLOC) = 13013
Hits@level = [0] 354 [1] 47 [2] 115 [3] 17 [4] 10 [5] 0
Hits@level+ = [0+] 543 [1+] 189 [2+] 142 [3+] 27 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 41.7275 [1+] 14.5239 [2+] 10.9122 [3+] 2.07485 [4+] 0.768462 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.