Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmfit.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadfifutable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_detmodel.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgpreprocessing.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_flat_normalise.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmccdtable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calibrated_slits.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmoswavecalib.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_chop_region.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmidstable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdetector.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmath.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_utils.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmspecphottable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmath.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifufibers.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_detected_slits.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmobjecttable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmatrix.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_ifu_wcs.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmossphotcalib.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtablearray.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimagearray.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimageset.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmsphottable.c Examining 
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmgrismtable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstarmatchtable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_chop_region.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstdfluxtable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_response.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmgrismtable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutypes.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmcube.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuextraction.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/fors_tools.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_chop_lowconf.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextincttable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifusky.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_spec_idp.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifusphotcalib.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuutils.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_var.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstartable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_grism.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtypes.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutypes.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuimage.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_detmodel.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimageset.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_biascor.c Examining 
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_response.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifusky.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmlinecatalog.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadfifutable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwindowtable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuflat.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmoswavecalib.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/tests/vimos_var-test.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/tests/vimos_chop_region-test.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/tests/vimos_chop_lowconf-test.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/tests/vimos_utils-test.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/tests/vimos_biascor-test.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuutils.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_biascor.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmspecphottable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuextraction.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstartable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_utils.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_spec_idp.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_lines.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_impl.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmobjecttable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtypes.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmatrix.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstarmatchtable.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifufibers.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_impl.h Examining 
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifusphotcalib.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_flat_normalise.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgpreprocessing.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_chop_lowconf.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_mods.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtablearray.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/fors_tools.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmlinecatalog.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuflat.c Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.h Examining data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuimage.c

FINAL RESULTS:

data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1518:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1519:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1524:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1525:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1531:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1532:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1538:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1539:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1541:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1542:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1544:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1545:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1547:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,"&",BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1548:11: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat(buf,url_encode(buf2),BUFSIZ);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:972:8: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat (newpixname, &pixname[4], SZ_IM2PIXFILE);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:990:8: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120).
  Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat (newpixname, pixname, SZ_IM2PIXFILE);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1176:6: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(path, 0644) == -1) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1206:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(path, 0444) == -1)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1383:6: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(dstfile, 0644) == -1) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1413:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(dstfile, 0444) == -1)
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:140:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(extname,cpl_propertylist_get_string(eh,"EXTNAME"));
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:154:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(extname,cpl_propertylist_get_string(eh,"EXTNAME"));
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:197:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void)strcpy(catname2,cdscatname);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:200:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void)strcpy(catname2,catname);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1228:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(newname,0) != 0)
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1243:13: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(newname,F_OK) != 0)
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1402:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"GET /viz-bin/asu-fits?%s HTTP/1.0\r\n\r\n",req_string);
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_mask.c:117:13: [4] (race) access:
  This usually indicates a security flaw.
  If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(cpl_frame_get_filename(master_mask),R_OK) != 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_utils.c:912:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access((const char *)*catpath,R_OK) != 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_fits-test.c:65:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(testfile,F_OK) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_fits-test.c:114:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(str,"%s[%s]",testfile,"TESTEXTN");
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_mask-test.c:63:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(fname,F_OK) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_tfits-test.c:65:9: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access(testfile,F_OK) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_tfits-test.c:114:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf(str,"%s[%s]",testfile,"TESTTAB");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:560:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/data2/act%1d.dat", cdpath, regnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:564:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/data1/act%04d.dat", cdpath, regnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:597:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, actfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:94:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:96:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:406:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:408:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:634:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath,cdn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:645:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath,cds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:895:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/agasc/%s/%04d.fit", cdn, zdir[zone], regnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:899:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/agasc/%s/%04d.fit", cds, zdir[zone], regnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:119:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, sc->caturl);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:300:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:332:8: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:364:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:463:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, starcat->caturl);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:567:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:617:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:628:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:638:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:656:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (binpath, bindir);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:658:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (binpath, bincat);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:666:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (binpath, bincat);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:729:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->incdir, bindir);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:730:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->incfile, bincat);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:739:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, binfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:244:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:269:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:295:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:501:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:569:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catdir, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:570:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, catdir);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:572:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (catpath, catfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:580:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, catfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:860:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, token);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:969:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, token);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:116:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (title, "USNO %s Stars", refcatname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:249:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (title, "USNO %s Stars", refcatname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:253:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (title, refcatname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:265:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (title, refcatname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:277:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (title, refcatname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:350:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (progpath, progpath0);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:509:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, dnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:513:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, dnum+0.49);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:517:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, (int)(dnum+0.49));
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:521:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, (int)(dnum+0.49));
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1274:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (access (filename, R_OK))
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1326:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (skey, keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1334:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (skey, keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1343:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (skey, keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:299:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:328:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:358:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:584:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:652:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:654:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, catdir);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:656:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (catpath, catfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:664:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, catfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:694:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, catname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1024:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, token);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1169:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, token);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:223:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, outform, ihr, imn, sec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:227:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, outform, ihr, imn, (int)(sec+0.5));
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:237:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:239:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, dstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:241:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (string, "%sT%s", dstring, tstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:31:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  {strcpy (imcatname, cat); return; }
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:131:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (extnam, ext+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:684:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pw[ifield].kname,temp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:721:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rw[ik].kname, pw[ifield].kname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:903:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:942:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1180:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1266:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:357:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  { strcpy (vimoswcsproj, type); return; }
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:404:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstemp, vimoswcsproj);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:407:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstemp, vimoswcsproj);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortvimoswcs.c:237:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (radecsys, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:118:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:120:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:441:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:443:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:668:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath,cdn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:679:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath,cds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:929:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/gsc/%s/%04d.gsc", cdn, zdir[zone], regnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:933:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/gsc/%s/%04d.gsc", cds, zdir[zone], regnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:121:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:170:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:217:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:314:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:353:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:549:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (keywordi, "%s_1", keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:553:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (keywordi, "%s_01", keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:557:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf.
  sprintf (keywordi, "%s_001", keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:567:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (keywordi, keyform, keyword, ikey);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:574:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (stri, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:623:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:811:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cval,v1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:828:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cval,cpar);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:845:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cval, v1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:148:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (value, format, dval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:154:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (value, format, dval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:248:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (keyroot, keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:260:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (newkey, keyroot);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:868:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1010:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1053:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, degform, deg1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1057:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, degform, (int)deg1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1062:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1087:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (string, numform, num);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1091:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (string, numform, (int)num);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1097:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (string, numform, num);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:172:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:213:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:252:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:283:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (val, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:317:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:358:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (keyword,keyword0);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:404:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cval,cpar);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:412:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cval, line);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:126:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (temp, ctypes[ptype0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:129:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (temp, ctypes[ptype0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:304:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecsys, cstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:305:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, cstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:306:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecin, cstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:812:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (hdrname, 0)) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:869:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pixname, newpixname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:873:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pixname, bang+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:875:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pixname, pixn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:908:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!).
Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (pixname, 0)) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1140:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (temp,filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1141:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pixfile, temp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1146:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (temp,pixfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1147:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pixfile, temp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1166:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (temp,pixfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1167:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pixfile, temp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:103:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s bits per pixel %d -> %d",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:120:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s reflected",filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:144:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s reflected, rotated 90 degrees",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:156:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s rotated 90 degrees",filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:173:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s reflected, rotated 180 degrees",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:185:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s rotated 180 degrees",filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:200:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s reflected, rotated 270 degrees",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:212:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s rotated 270 degrees",filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:228:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (history,"Copy of image %s reflected top to bottom",filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:842:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (matchcat, cat);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:96:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rastr, *++av);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:98:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (decstr, *++av);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:155:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rastr, *++av);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:157:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (decstr, *++av);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:190:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (outname, *++av);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:472:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (newname, outname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:491:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (newname, fname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:505:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (newname, imext+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:522:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (newname, temp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:529:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (pixname, newname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:536:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (newname, name);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:244:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:275:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:307:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:503:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:700:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tvalue, value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:750:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, tabname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1127:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, cnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1245:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabname, tabcomma+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1253:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: Tab table file %s has no entries",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1262:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: Tab table file %s cannot be read",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1273:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: cannot allocate Tab Table structure for %s",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1285:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: cannot allocate filename %s in structure",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1292:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabtable->filename, tabfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1297:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: cannot allocate buffer for tab table %s",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1377:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: No - line in tab table %s",tabfile);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:516:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:521:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, ty2cd);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:584:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:588:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, ty2cd);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:762:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ty2path, str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:767:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ty2path, ty2cd);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:804:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, ty2file);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:199:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa2path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:205:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa1path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:214:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua2path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:217:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:224:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua1path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:227:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:528:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa2path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:534:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa1path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:543:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua2path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:546:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:553:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua1path,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:556:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:945:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/zone%04d.cat", uapath, zn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:949:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/zone%04d.cat", uapath, zn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:958:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/%s/zone%04d.cat", cdroot, cdname[icd-1], zn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:114:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdu,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:373:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdu,str);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:683:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (path, catname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:691:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/ZONE%04d.CAT", cdu, zn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:693:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/zone%04d.cat", cdu, zn);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:161:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ptype,proj);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:164:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (vimoswcs->ctype[0],proj);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:165:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (vimoswcs->ctype[1],proj);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:290:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:353:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[0], ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:354:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->c1type, ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:355:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ptype, ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:393:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (vimoswcs->ctype[0],"%-4s%4s",vimoswcs->c1type,vimoswcs->ptype);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:475:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[1], ctype2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:476:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->c2type, ctype2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:528:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (vimoswcs->ctype[1],"%-4s%4s",vimoswcs->c2type,vimoswcs->ptype);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1106:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecsys,coorsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1474:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (comform, vimoswcs->command_format[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1491:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1493:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, xystring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1497:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, filename,
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1500:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, xystring,
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1503:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, vimoswcstring,
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1508:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, vimoswcstring,
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1511:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, vimoswcstring, xystring,
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1514:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, vimoswcstring, filename,
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1518:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1520:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, vimoswcstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1522:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, vimoswcstring, xystring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1527:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1529:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, vimoswcstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1531:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, vimoswcstring, filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1534:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, vimoswcstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1535:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ier = system (command);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1561:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1609:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, coorsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1669:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecin, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1713:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecin, coorsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1835:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcstring,"%s %s", rastr, decstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1837:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcstring,"%s %s", rastr, decstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1862:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcstring,"%s %s", rastr, decstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1864:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcstring,"%s %s", rastr, decstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1939:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (vimoswcstring, vimoswcs->radecout);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1953:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (rastr, vimoswcs->units[0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1957:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (decstr, vimoswcs->units[1]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1964:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcstring,"%s %s", rastr, decstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1966:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcstring,"%s %s", rastr, decstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1981:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (vimoswcstring, vimoswcs->units[0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1985:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (vimoswcstring, vimoswcs->units[1]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2339:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcsfile, filename);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2348:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  { strcpy (vimoswcserrmsg, errmsg); return; }
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2376:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  { strcpy (vimoswcscoor0, vimoswcscoor); return; }
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2397:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcscom0[i], vimoswcscomm);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsfort.c:237:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (radecsys, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:287:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ctype2, ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:294:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[0], ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:295:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[1], ctype2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:610:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcs->center,"%2.0f:%2.0f:%5.3f %c%2.0f:%2.0f:%5.3f %s",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:828:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:831:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecin, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:958:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecsys,systring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:132:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[0], ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:133:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[1], ctype2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:424:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcs->center,"%2.0f:%2.0f:%5.3f %c%2.0f:%2.0f:%5.3f %s",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:638:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:641:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecin, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:739:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecsys,systring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:132:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[0], ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:133:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[1], ctype2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:424:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (vimoswcs->center,"%2.0f:%2.0f:%5.3f %c%2.0f:%2.0f:%5.3f %s",
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:638:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecout, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:641:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecin, vimoswcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:739:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->radecsys,systring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:287:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ctype2, ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:294:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (vimoswcs->ctype[0], ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:295:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy (vimoswcs->ctype[1], ctype2); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:610:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf (vimoswcs->center,"%2.0f:%2.0f:%5.3f %c%2.0f:%2.0f:%5.3f %s", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:827:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (vimoswcs->radecout, vimoswcs->radecsys); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:830:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (vimoswcs->radecin, vimoswcs->radecsys); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:957:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (vimoswcs->radecsys,systring); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:466:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "DEC--%s", vimoswcs->pcode); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:472:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "RA---%s", vimoswcs->pcode); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:478:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(requir, "%s-%s", vimoswcs->lattyp, vimoswcs->pcode); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:484:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "%s-%s", vimoswcs->lngtyp, vimoswcs->pcode); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:95:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (srchurl, "?catalog=%s&ra=%.7f&dec=%.7f&system=%s&", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:100:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:105:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:108:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:112:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:116:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:140:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:142:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:164:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:167:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:170:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:244:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (numlist, numstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:247:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (numlist, numstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:252:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (srchurl, "?catalog=%s&num=%s&outsys=%s&",refcatname,numlist,csys); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:255:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:332:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (srchurl, cgipart); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:333:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, srchpar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:395:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (newbuff, tabbuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:417:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabbuff, linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:422:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (newbuff, tabbuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:426:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabbuff, linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:429:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabbuff, linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:454:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabtable->filename, caturl); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:464:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabtable->tabname, srchpar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:568:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostname, file); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_cat.c:89:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if (access((const char *)fname,R_OK) != 0) data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:1052:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. n = sscanf(line, LINE_SCAN_FMT, path, tag, group); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_utils.c:68:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__((format (printf, 2, 3))) data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_wcs.c:252:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. nret = sscanf(iso8601, IRPLIB_ISO8601_FORMAT, pyear, pmonth, data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_wlxcorr.c:755:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(title_loc, data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_wlxcorr.c:788:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(title_loc, data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_utils-test.c:482:19: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. cpl_test_zero(system("rm dummyon*.fits")); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:829:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(parString[count], "%s=\"\"", db_key); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:838:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(parString[count], "%s=\"%s\"", db_key, db_data->value); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:844:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(parString[count], "%s=%s", db_key, db_data->value); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:1081:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grpname, PILCFG_GRP_DEFAULT); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:143:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. sz = vsnprintf(path, PIL_PATHNAME_MAX, fmt, ap); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:145:8: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. sz = vsprintf(path, fmt, ap); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:1046:37: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. const char *value, PilCdbKeyMode access) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:1053:46: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (pilCdbSetKeyMode(cfgDB, group, name, access) == EXIT_FAILURE) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:202:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tpath, s); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:462:21: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. n = sscanf(sofline, "%s %s %s", path, tag, group); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:158:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(string, (size_t) MAX_MESSAGE_LENGTH, format, args); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:160:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(string, format, args); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:196:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(string, (size_t) MAX_MESSAGE_LENGTH, format, args); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:198:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. 
vsprintf(string, format, args); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:290:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(messageText, (size_t) MAX_MESSAGE_LENGTH, format, al); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:292:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(messageText, format, al); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:324:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageLog, ERROR_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:325:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, ERROR_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:328:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageLog, WARNING_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:329:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, WARNING_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:332:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageLog, INFO_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:333:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, INFO_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:336:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageLog, DEBUG_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:337:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, DEBUG_STRING); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:346:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, recipeName); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:359:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, functionName); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:363:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(messageLog, functionName); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:375:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageLog, messageText); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:376:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(messageTerminal, messageText); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:541:30: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case PIL_MSG_DEBUG : fprintf(logfilePointer, DEBUG_STRING); break; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:542:30: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case PIL_MSG_INFO : fprintf(logfilePointer, INFO_STRING); break; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:543:30: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case PIL_MSG_WARNING : fprintf(logfilePointer, WARNING_STRING); break; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:544:30: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case PIL_MSG_ERROR : fprintf(logfilePointer, ERROR_STRING); break; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:769:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(recipeName, name); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:84:13: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "Revision: %s", version); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:118:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pafName, "%s%.4d.paf", PAF_ROOT_NAME, pafIndex); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:197:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(allComment, "%s %s", comment, INSTRUMENT); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:248:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(allComment, "%s (%s) %s", comment, unit, INSTRUMENT); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:250:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(allComment, "%s %s", comment, INSTRUMENT); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:297:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(allComment, "%s (%s) %s", comment, unit, INSTRUMENT); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:299:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(allComment, "%s %s", comment, INSTRUMENT); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:630:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(optname, "%s, -%c", common_options[i].opt.name, data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:632:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(optfmt, " --%%-%lus %%s\n", (unsigned long)sz + 4); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:633:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(message, optfmt, optname, common_options[i].comment); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:637:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(optfmt, " --%%-%lus %%s\n", (unsigned long)sz); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:638:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(message, optfmt, common_options[i].opt.name, data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:656:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(optfmt, " --%%-%lus %%s [%%s]\n", (unsigned long)sz); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:658:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(message, optfmt, parg[i].name, parg[i].comment, parg[i].value); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1013:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s/%s", path, prefix); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1019:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s/%s_%04d", path, prefix, count); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1043:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s/%s", path, pilRecGetName()); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1049:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s/%s_%04d", path, pilRecGetName(), count); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1061:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s/%s", path, category); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1161:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(srcfile, pilFrmGetName(frame)); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1163:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(srcfile, R_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1173:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access(path, F_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1175:11: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(path, R_OK | W_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1256:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(linkname, "%s/%s", e_path, s); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1263:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(p_path, R_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1361:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(srcfile, "%s/%s", cwd, filename); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1363:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dstfile, "%s/%s.log", path, prefix); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1370:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(filename, R_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1380:8: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access(dstfile, F_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1382:11: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(dstfile, R_OK | W_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1998:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logfile_dir, tdir); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2139:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(product_dir, tdir); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2149:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(product_dir, F_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2155:7: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(product_dir, R_OK | W_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2172:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(export_dir, tdir); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2176:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(export_dir, F_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2182:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(export_dir, R_OK | W_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2669:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if (access(name, F_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2674:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(name, R_OK)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltask.c:211:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(argv[0], F_OK | X_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:493:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tstring, "%3s %3s %2d %2d:%02d:%02d.%03ld %4d", data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1048:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(line, KEYMAP_NAME "%[^\n]\n", name)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1055:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. 
if (sscanf(line, KEYMAP_FORM "%[^\n]\n", form)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1062:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(line, KEYMAP_COMM "%[^\n]\n", comment)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1069:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(line, KEYMAP_ALIAS "%[^\n]\n", alias)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1192:7: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. n = vsprintf(translation,value,indexes); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1313:7: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. n = vsprintf(translation, value, indexes); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1630:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(line, CATMAP_NAME "%[^\n]\n", name)) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1637:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. 
if (sscanf(line, CATMAP_ALIAS "%[^\n]\n", alias)) { data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_imagelist_io.c:496:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, msg, himlist->ni) >= msgmin, data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_imagelist_io.c:504:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, imsg, i, himlist->ni) >= imsgmin, data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_imagelist_io.c:550:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. cpl_ensure_code( fprintf(stream, imsg, i, himlist->ni) >= imsgmin, data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:469:16: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (dir && access(dir, W_OK) == 0) { data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:474:31: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (tmpdirs[i] && access(tmpdirs[i], W_OK) == 0) { data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/tests/hdrl_frameiter-test.c:377:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). 
try using a library call that implements the same functionality if available. if (system("rm -f frameiter*fits")) {} data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_bias.c:250:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_bias_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_bias.c:609:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile[i],esoout[i]); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_bias.c:619:23: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfile[i],"%s_%8d.fits",prettypfx[i],night); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_dark.c:275:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_dark_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_dark.c:736:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile[i],esoout[i]); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_dark.c:746:23: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
(void)sprintf(outfile[i],"%s_%8d.fits",prettypfx[i],night); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_det_noise.c:182:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_det_noise_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:224:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_fringe_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:627:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname,cpl_frame_get_filename(ps.product_frame_fringe)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:640:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname,cpl_frame_get_filename(ps.product_frame_fringe_var)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:713:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(fname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:808:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"%s.fits",esonames[producttype]); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:817:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"tmp_%s",bname); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:830:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(outfname,"%s_%s_%s.fits",filter,prefix[producttype],dateobs); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:436:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_science_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1167:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(cs.cacheloc,R_OK+W_OK+X_OK) != 0) { data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1497:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1519:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2011:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(fname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2202:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(bname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2444:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(bname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2597:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(bname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2766:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
(void)sprintf(outfname,"%s%d.fits",esonames[producttype],fnumber); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2775:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"tmp_%s",bname); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2784:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"%s",bname); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2786:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(dot,"%s.fits",suffix[producttype]); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2863:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(tmpfname,"scitmp_%s",cpl_frame_get_filename(fr)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2864:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(tmpfname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:364:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_standard_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:986:9: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(cs.cacheloc,R_OK+W_OK+X_OK) != 0) { data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1289:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1311:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1334:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1356:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1375:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bname, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1459:13: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(fname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1646:13: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(fname,F_OK)) data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1802:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"%s%d.fits",esonames[producttype],fnumber); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1811:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"tmp_%s",bname); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1820:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfname,"%s",bname); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1822:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(dot,"%s.fits",suffix[producttype]); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_twilight_flat.c:309:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
(void)snprintf(alldesc,SZ_ALLDESC,vimos_ima_twilight_flat_description, data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_twilight_flat.c:899:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile[i],esoout[i]); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_twilight_flat.c:911:23: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void)sprintf(outfile[i],"%s_%s_%08d.fits",filter,prettypfx[i], data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_science.cc:2748:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("rm object_table_*.fits " data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_science.cc:2752:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("rm object_table_*.fits " data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_science.cc:2756:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("rm mos_sci_disp_coeff_sky_*.fits"); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_science.cc:2758:13: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("rm mos_sci_skylines_offsets_slit_*.fits"); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdark.c:1644:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
vmstrlower(strcpy(masterDarkName, mdarkTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:1508:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(ccdTableName, ccdTableCategory)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:1541:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(badPixelImageName, badPixelCategory)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1723:20: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(traceName, traceTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1860:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(idsName, idsTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1951:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(transName, transTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2805:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(masterFlatName, mFlatTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2854:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(extraName, arcExtrTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2882:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(extraName, flatExtrTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombine.c:475:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(fovName, fovFullTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombinecube.cc:706:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(cubeName, cubeTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1031:20: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(outTraceName, outTraceTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1086:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tablename, "ids_1_%s.fits", useSkyIndividual ? "indi" : "norm"); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1111:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tablename, "ids_1x_%s.fits", useSkyIndividual ? "indi" : "norm"); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1116:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(outIdsName, outIdsTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1146:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tablename, "ids_2_%s.fits", useSkyIndividual ? "indi" : "norm"); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1670:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(reducedName, reducedTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1699:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(fovName, fovTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1728:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(reducedName, fluxReducedTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:1868:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(sphotTableName, sphotTableTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2089:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
vmstrlower(strcpy(reducedName, reducedTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2123:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(fovName, fovTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2154:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(skyName, skyTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2182:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(starName, starTag)); data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmspphot.c:668:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(output1DName, "%s_%d.fits", reducedCategory, i); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10818:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(name, MAX_COLNAME, "%"CPL_SIZE_FORMAT, j); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10852:21: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
snprintf(name, MAX_COLNAME, "%"CPL_SIZE_FORMAT, k); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10863:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(name, MAX_COLNAME, "%"CPL_SIZE_FORMAT, j); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11253:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(name, MAX_COLNAME, "%"CPL_SIZE_FORMAT, j); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11289:21: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(name, MAX_COLNAME, "%"CPL_SIZE_FORMAT, k); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11300:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(name, MAX_COLNAME, "%"CPL_SIZE_FORMAT, j); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_mult.cc:2293:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("rm TMP_mos_arc_spectrum_extracted.fits"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:339:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
vmstrlower(strcpy(filename, category)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1082:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(filename, category)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1257:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(filename, category)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1525:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(filename, tag)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1565:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(filename, tag)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1614:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). vmstrlower(strcpy(filename, tag)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:1289:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((*gr)[i].name,cpl_propertylist_get_string(p,"DATE-OBS")); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.c:156:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(chipname,cpl_propertylist_get_string(plist,"ESO DET CHIP1 ID"));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.c:188:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filter,cpl_propertylist_get_string(plist,key));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.c:210:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dateobs,cpl_propertylist_get_string(plist,"DATE-OBS"));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.c:232:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(projid,cpl_propertylist_get_string(plist,"ESO OBS PROG ID"));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2409:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "object_%" CPL_SIZE_FORMAT, maxobjects);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2412:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "object_%" CPL_SIZE_FORMAT, maxobjects);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2419:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "object_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2429:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "ra_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2436:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "dec_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2464:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "object_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2466:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "start_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2468:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "end_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2491:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "ra_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2494:17: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(name, MAX_COLNAME, "dec_%" CPL_SIZE_FORMAT, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:441:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(adf->name, VM_ADF_MOS);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:444:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(adf->name, VM_ADF_IFU);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:447:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(adf->name, VM_ADF_IMA);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:1742:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(adf->name, VM_ADF_MOS);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:1745:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(adf->name, VM_ADF_IFU);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:1748:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(adf->name, VM_ADF_IMA);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmccdtable.c:123:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_CCD);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextincttable.c:94:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(table->name, VM_ATMEXT);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:162:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_EXT);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:1325:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ttype[10+i+1], "%s", colName);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:1333:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ttype[11+crvOrder+1+i+1], "%s", colName);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmgrismtable.c:66:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_GRS);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmidstable.c:69:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_IDS);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6671:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tablename, "align_shifts1_%s.fits", individual ? "indi" : "norm");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6673:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tablename, "align_ids1_%s.fits", individual ? "indi" : "norm");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.c:228:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ifuTab->name, VM_IFU);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:2857:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access(imageName, F_OK)) {
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:920:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(*pafName, "%s_%d.cmf", namePAF, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:935:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(pafName_noext, "%s_%d", namePAF, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:1199:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(*pafName, "%s_%d.cmf", namePAF, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:1214:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(pafName_noext, "%s_%d", namePAF, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmlinecatalog.c:65:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_LIN);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1706:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(pafName, "%s-%d.paf", namePAF, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1903:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(pafName, "%s-%d.paf", namePAF, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2045:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(filename, "%s_%s_%d.cmf", namePAF, grismName, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2049:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pafName, filename); /* Need this, because pafName is returned */
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2066:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(pafName_noext, "%s_%s_%d", namePAF, grismName, quad);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmobjecttable.c:125:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_OBJ);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:991:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1064:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1142:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1226:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmspecphottable.c:99:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(table->name, VM_SPHOT);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmsphottable.c:65:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_SPHOT);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstarmatchtable.c:107:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(table->name, VM_MATCH);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstartable.c:100:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(table->name, VM_STAR);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmstdfluxtable.c:95:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(table->name, VM_SFLUX);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:235:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(self->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:236:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(self->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:251:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(self->descValue->s, value);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:278:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:279:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:305:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:306:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:333:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:334:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:361:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:362:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:390:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:391:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:431:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:432:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:471:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:472:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:530:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:569:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:607:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:651:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descValue->s, value);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:653:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tDesc->descComment, comment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:706:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(copyDesc->descName, outName);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1260:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tCol->colName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1285:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tCol->colName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1309:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tCol->colName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1333:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tCol->colName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1358:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tCol->colName, name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1412:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(aNewTable->name, VM_EMPTY_TABLE_STRING);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1535:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(descName, inDesc->descName);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1752:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1816:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1882:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1951:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2013:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(val, desc->descValue->s);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2016:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2112:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2186:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2261:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, desc->descComment);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3613:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(charBuf, (tDesc->descValue->s));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1692:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_RAWi_NAME, nraw);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1705:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_RAWi_CATG, nraw);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1756:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_CALi_NAME, ncal);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1769:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_CALi_CATG, ncal);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1782:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_CALi_DATAMD5, ncal);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1840:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_PARAMi_NAME, i + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1855:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(cval, FLEN_CARD, PRO_REC_PARAMi_VALUE, i + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:746:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ctype[0], ctype1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:747:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ctype[1], ctype2);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:862:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecout, wcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:865:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecin, wcs->radecsys);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwindowtable.c:186:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newTab->name, VM_WIN);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:88:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("ACT_PATH")) != NULL ) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:357:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("ACT_PATH")) != NULL ) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:553:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((cdpath = getenv("ACT_PATH")) == NULL )
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:93:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20).
  Check environment variables carefully before using them.
  if ((str = getenv("AGASC_NORTH")) != NULL )
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:95:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("AGASC_SOUTH")) != NULL )
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:405:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("AGASC_NORTH")) != NULL )
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:407:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("AGASC_SOUTH")) != NULL )
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:612:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("PPM_PATH")) != NULL ) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:623:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
if ((str = getenv("SAO_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:633:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!binset && (str = getenv("WCS_BINDIR")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:568:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("WCS_CATDIR")) != NULL ) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:651:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("WCS_CATDIR")) != NULL ) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:95:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("GSC_PATH")) != NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:117:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv("GSC_NORTH")) != NULL ) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:119:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("GSC_SOUTH")) != NULL ) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:420:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("GSC_PATH")) != NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:440:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("GSC_NORTH")) != NULL ) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:442:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("GSC_SOUTH")) != NULL ) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:94:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv("TY2_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:363:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("TY2_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:513:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("TY2_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:582:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("TY2_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:759:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("TY2_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:198:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv("USA2_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:204:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("USA1_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:213:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UA2_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:215:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv("UA2_ROOT")) != NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:223:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UA1_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:225:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
else if ((str = getenv("UA1_ROOT")) != NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:527:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("USA2_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:533:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("USA1_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:542:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UA2_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:544:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv("UA2_ROOT")) != NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:552:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv("UA1_PATH")) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:554:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv("UA1_ROOT")) != NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:105:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (refcat == UJC && (str = getenv("UJ_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:365:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (refcat == UJC && (str = getenv("UJ_PATH")) != NULL ) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2417:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv (envar)) != NULL) data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:552:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (getenv("CPL_MSG_LEVEL") == NULL) cpl_msg_set_level(CPL_MSG_OFF); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:650:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. svalue = envvar ? getenv(envvar) : NULL; data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:857:46: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * sof_path = envname ? getenv(envname) : NULL; data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:898:29: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char * sof_path = getenv(var_name); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:211:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. #ifndef getenv data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:212:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
extern char *getenv (); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:397:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. posixly_correct = getenv ("POSIXLY_CORRECT"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:972:1: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. getopt (argc, argv, optstring) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:1002:11: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt (argc, argv, "abc:d:0123456789"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.h:145:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (int __argc, char *const *__argv, const char *__shortopts); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.h:147:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.h:151:12: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt_long (int __argc, char *const *__argv, const char *__shortopts, data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.h:164:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.h:166:12: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt_long (); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt1.c:67:1: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. getopt_long (argc, argv, options, long_options, opt_index) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt1.c:123:11: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, "abc:d:0123456789", data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:104:25: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. register char *path = getenv(env); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:192:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (!instrument || !(troot = getenv(PIL_ROOTDIR))) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:249:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((path = getenv("HOME")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:356:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. register char *tvalue = getenv(PIL_EXPORT_FLAG); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:402:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. register char *tvalue = getenv(PIL_OVERWRITE_FLAG); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:2379:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. user = getenv("USER"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:2380:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. user = user == NULL ? 
getenv("LOGNAME") : user; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1575:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt_long(argc, argv, common_optstr, options, data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_buffer.c:283:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("HDRL_BUFFER_MALLOC")) { data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:460:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("TMPDIR"), data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:202:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned int)time((time_t *)0)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:15314:51: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *saturation_level = getenv("SATURATION_LEVEL"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:15316:48: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. char *max_saturated = getenv("MAX_SATURATED"); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_backmap.c:175:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. memset((char *)hist[i],0,MAXHIST*sizeof(int)); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_defringe.c:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pname1[64],comment1[64],pname2[64],comment2[64]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_defringe.c:153:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(pname1,"ESO DRS FRINGE%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_defringe.c:154:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(comment1,"Fringe frame # %d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_defringe.c:155:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(pname2,"ESO DRS FRNGSC%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_defringe.c:156:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void)sprintf(comment2,"Fringe scale # %d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extname[81]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:144:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(extname,"%d",nexten); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:158:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(extname,"%d",nexten); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:167:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(extname,"%d",nexten); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *req_string,catname2[64],*cdscatname,*cdscatid,*path2; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:382:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char *cdscats[7] = {"","II/246","I/284","I/317","II/183A","II/311", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:384:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *cdscatnames[7] = {"","2mass","usnob","ppmxl","landolt","wise", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:443:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[SZBUF]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:635:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[SZBUF]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:827:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[SZBUF]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fname[BUFSIZ],catname2[SZBUF]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1125:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen(fname,"r"); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1221:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[SZBUF]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1234:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen(newname,"a"); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFMAX],outfile[32]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1324:10: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). 
fd = mkstemp(outfile); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1397:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFMAX]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1449:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ssin.sin_addr,hp->h_addr_list[0],hp->h_length); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1505:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[2*BUFSIZ]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[BUFSIZ],equi[1]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1576:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[BUFSIZ]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1598:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf+j,"%%%2x",(unsigned char)instring[i]); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_imcombine.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[SZBUF]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_imdither.c:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestamp[25]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_nditcor.c:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[32]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_nditcor.c:118:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(comment,"Corrected for ndit=%d",ndit); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_nditcor.c:129:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf(comment,"Corrected for ndit=%d",ndit); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_photcal_extinct.c:873:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *req_cols[9] = {"filter_name","atm_extcoef","mag_offset", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_photcal_extinct.c:997:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *cols[2] = {"coleq_columns","coleq_errcols"}; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_platesol.c:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[9]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_utils.c:290:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[SZKEY],value[SZVAL],*fn,*base; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_utils.c:1095:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[8]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_utils.c:1102:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). info[i] = atoi(test); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_wcsutils.c:46:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *notabkeys[NNOTABKEYS] = {"^CRVAL[1-2]*","^CRPIX[1-2]*", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_wcsutils.c:467:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[SZKEY]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_wcsutils.c:557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[SZKEY]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_wcsutils.c:763:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[9],key2[9]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:91:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *cols32[NCOL32] = {"Core_flux","Core1_flux","Core2_flux", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:98:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *cols80[NCOL80] = {"Aper_flux_3","Aper_flux_1","Aper_flux_4", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:206:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cols[MAX(NCOL32,NCOL80)],colname[32]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:235:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cols[i] = (char *)cols32[i]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:239:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cols[i] = (char *)cols80[i]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:243:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cols[i] = (char *)cols80[i]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/classify.c:305:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(colname,"Areal_%d_profile",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table.c:335:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int imcore_do_seeing_gen(ap_t *ap, const char *col_ellipt, data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table.c:336:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *col_pkht, char *col_areals[NAREAL], data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table.c:336:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *col_pkht, char *col_areals[NAREAL], data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_1.c:79:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static const char *ttype[NCOLS]={"No.","Isophotal_flux","Total_flux","Core_flux", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_1.c:89:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *tunit[NCOLS]={" ","Counts","Counts","Counts","Pixels","Pixels", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_1.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *areal_colnames[NAREAL]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_1.c:183:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. areal_colnames[i] = (char *)ttype[areal_cols[i]-1]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_2.c:102:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *ttype[NCOLS]={"Sequence_number","Isophotal_flux", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_2.c:134:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *tunit[NCOLS]={"Number","ADU", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_2.c:278:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *areal_colnames[NAREAL]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_2.c:283:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. areal_colnames[i] = (char *)ttype[areal_cols[i]-1]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_3.c:59:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *ttype[NCOLS]={"No.","X_coordinate","Y_coordinate", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_3.c:69:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *tunit[NCOLS]={" ","Pixels","Pixels","Counts","Counts"," ", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_3.c:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *areal_colnames[NAREAL]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_3.c:163:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. areal_colnames[i] = (char *)ttype[areal_cols[i]-1]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_6.c:102:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *ttype[NCOLS]={"Sequence_number","Isophotal_flux", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_6.c:134:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *tunit[NCOLS]={"Number","ADU", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_6.c:280:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *areal_colnames[NAREAL]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/create_table_6.c:285:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. areal_colnames[i] = (char *)ttype[areal_cols[i]-1]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/imcore_background.c:146:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. memset((char *)hist[i],0,MAXHIST*sizeof(int)); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/catalogue/imcore_conf.c:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[64]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_fits-test.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[BUFSIZ]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/tests/casu_tfits-test.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[BUFSIZ]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char actcd[64]="/data/act"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:577:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (path, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:636:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16], raxstr[16], ramins[16], ramaxs[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:728:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:764:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
irh = atoi (line); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:765:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). irm = atoi (line+3); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:768:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idd = atoi (line+15); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:769:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idm = atoi (line+18); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:804:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:15:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cdn[64]="/data/gsc1"; /* pathname of northern hemisphere AGASC CDROM */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:16:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cds[64]="/data/gsc2"; /* pathname of southern hemisphere AGASC CDROM */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[64]; /* Pathname for input FITS table file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[100]; /* Buffer for FITS table row */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:137:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kw[0].kname,"AGASC_ID"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:138:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[1].kname,"RA_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:139:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[2].kname,"DEC_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:140:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[3].kname,"POS_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:141:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[4].kname,"MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:142:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[5].kname,"MAG_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:143:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (kw[6].kname,"MAG_BAND"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:144:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[7].kname,"CLASS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:379:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[64]; /* Pathname for input FITS table file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:380:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[100]; /* Buffer for FITS table row */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:412:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[0].kname,"AGASC_ID"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:413:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kw[1].kname,"RA_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:414:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[2].kname,"DEC_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:415:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[3].kname,"POS_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:416:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[4].kname,"MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:417:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[5].kname,"MAG_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:418:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[6].kname,"MAG_BAND"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:419:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (kw[7].kname,"CLASS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:571:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zdir[24][8]={"n0000","n0730","n1500","n2230","n3000","n3730","n4500", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:596:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tabpath[64]; /* Pathname for regions table */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsline[120]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:614:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[0].kname,"REG_NO"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:615:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (rkw[1].kname,"RA_H_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:616:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[2].kname,"RA_M_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:617:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[3].kname,"RA_S_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:618:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[4].kname,"RA_H_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:619:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[5].kname,"RA_M_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:620:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[6].kname,"RA_S_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:621:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[7].kname,"DECSI_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:622:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[8].kname,"DEC_D_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:623:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[9].kname,"DEC_M_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:624:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[10].kname,"DECSI_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:625:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[11].kname,"DEC_D_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:626:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (rkw[12].kname,"DEC_M_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:637:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (tabpath,"/tables/regions.tbl"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:646:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (tabpath,"/tables/regions.tbl"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/agascread.c:825:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sgn[4]; /* Sign of declination */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bindir[64]="/data/stars"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:99:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:192:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:452:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:600:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char binpath[128]; /* Full pathname for catalog file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:669:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((fcat = open (binpath, O_RDONLY)) < 3) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:801:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16], raxstr[16], ramins[16], ramaxs[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:938:6: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy ((char *)&st->xno, (char *) &ino, 4); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:942:6: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy ((char *)&st->xno, (char *) &ino, 4); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:946:6: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy ((char *)&st->xno, (char *) &ino, 4); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:1052:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:1085:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:1111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:1114:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:24:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catdir[64]="/data/catalogs"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:541:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:542:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catpath[128]; /* Full pathname for catalog file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:547:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:586:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (catpath, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:782:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char token[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:988:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:1055:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). deg = (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:1060:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:1070:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:1088:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
dec = sign * (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:85:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "HST Guide Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:99:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO SA-1.0 Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:103:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO SA-2.0 Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:107:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO SA Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:126:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO A-1.0 Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:130:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO A-2.0 Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:134:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO A Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:140:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO J Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:149:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "SAO Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:164:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "PPM Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:179:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (title, "IRAS Point Sources"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:192:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "Tycho 2 Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:200:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "Tycho Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:213:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "Hipparcos Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:225:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "ACT Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:234:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "Bright Star Catalog Stars"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:254:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (title, " Catalog Sources"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:266:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (title, " Catalog Sources"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:278:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (title, " Catalog Sources"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:304:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "GSC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:306:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "UJC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:308:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (catname, "UA2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:310:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "USA2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:312:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "SAO"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:314:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "IRAS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:316:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "PPM"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:318:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "TYCHO"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:320:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (catname, "UA1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:322:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "UA2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:324:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "USA1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:326:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "USA2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:328:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "HIP"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:330:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "ACT"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:332:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (catname, "BSC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:334:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catname, "TY2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:374:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "gsc"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:378:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "uac"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:382:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ua1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:386:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ua2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:390:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "usac"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:394:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "usa1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:398:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "usa2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:402:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ujc"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:406:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "sao"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:410:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (refcatname, "ppm"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:414:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "iras"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:419:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tycho2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:421:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tycho"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:425:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "hipparcos"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:429:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "act"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:433:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (refcatname, "bsc"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:450:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nform[16]; /* Format for star number */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:456:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%013.8f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:458:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%13.8f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:464:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%07d", (int)(dnum+0.5)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:466:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%7d", (int)(dnum+0.5)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:472:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%012.7f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:474:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%12.7f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:480:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%09.4f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:482:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%9.4f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:488:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%06d", (int)(dnum+0.5)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:490:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%6d", (int)(dnum+0.5)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:496:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.5f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:498:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%10.5f", dnum); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:504:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (nform,"%%%d.%df", nnfld, nndec); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:506:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%0%d.%df", -nnfld, nndec); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:508:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%%d.%df", nndec+5, nndec); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:512:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%%d.0f", nnfld); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:516:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%%dd", nnfld); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:520:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%0%dd", -nnfld); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:524:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%6d", (int)(dnum+0.49)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:715:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:809:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skey[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1295:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[81]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1297:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char squot[2], dquot[2], lbracket[2], rbracket[2], comma[2]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1335:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (skey, " ="); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1344:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (skey, ": "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1364:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ipar = atoi (brack1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1393:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sptbv[468]={"O5O8B0B0B0B1B1B1B2B2B2B3B3B3B4B5B5B6B6B6B7B7B8B8B8B9B9B9B9A0A0A0A0A0A0A0A0A0A2A2A2A2A2A2A2A2A5A5A5A5A6A7A7A7A7A7A7A7A7A7A7F0F0F0F0F0F0F0F2F2F2F2F2F2F2F5F5F5F5F5F5F5F5F5F8F8F8F8F8F8G0G5G5G2G2G2G3G3G4G4G5G5G5G6G6G6G6G6K6K6K6K6K7K7K7K7K7K7K7K7K7K7K7K7K7K7K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K5K5K5K5K5K6K6K6K6K6K6K6K7K7K7K7K7K7K7K8K8K8K8K9K9K9M0M0M0M0M0M0M1M1M1M1M1M2M2M2M2M3M3M4M4M5M5M5M2M2M2M3M3M4M4M5M5M5M6M6M6M6M6M6M6M6M6M7M7M7M7M7M7M7M7M7M7M7M7M7M7M8M8M8M8M8M8M8"}; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1432:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char sptbr1[96]={"O5O8O9O9B0B0B0B0B0B1B1B1B2B2B2B2B2B3B3B3B3B3B3B5B5B5B5B6B6B6B7B7B7B7B8B8B8B8B8B9B9B9B9B9A0A0A0"}; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1434:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sptbr2[904]={"A0A0A0A0A0A0A0A0A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A5A5A5A5A5A5A5A5A5A5A5A7A7A7A7A7A7A7A7A7A7A7A7A7A7A7A7F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F2F2F2F2F2F2F2F2F2F2F2F5F5F5F5F5F5F5F5F5F5F5F5F5F5F8F8F8F8F8F8F8F8F8F8F8F8F8F8G0G0G0G0G0G0G0G0G2G2G2G2G2G5G5G5G5G5G5G5G5G8G8G8G8G8G8G8G8G8G8G8G8G8G8K0K0K0K0K0K0K0K0K0K0K0K0K0K0K0K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M1M1M1M1M1M1M1M1M1M1M1M1M1M1M1M2M2M2M2M2M2M2M2M2M2M2M2M2M2M2M3M3M3M3M3M3M3M3M3M3M3M4M4M4M4M4M4M4M4M4M4M4M4M4M4M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8"}; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/cel.c:260:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pcodes[25][4] = data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/cel.c:268:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char pcode[4]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/cel.c:517:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char pcode[4]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/cel.c:546:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char pcode[4]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:27:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catdir[64]="/data/catalogs"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:80:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:438:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:623:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:624:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catpath[128]; /* Full pathname for catalog file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:670:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (catpath, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:937:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char token[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1188:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1219:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (catpath, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1280:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). deg = (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1285:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
min = (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1295:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1313:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dec = sign * (double) atoi (value); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/daoread.c:119:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (daofile, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[32], dstring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outform[64]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:222:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (outform, "%%02d:%%02d:%%0%d.%df", nf, ndec); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:226:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (outform, "%%02d:%%02d:%%0%dd", nf); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:233:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (dstring, "%4d-%02d-%02d", iyr, imon, iday); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:458:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (isotime, "%04d-%02d-%02dT%02d:%02d:%02d", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1302:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "*** date out of range ***"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1304:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%02d/%02d/%02d %02d:%02d:%06.3f", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1307:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (string, "%02d/%02d/%3d %02d:%02d:%6.3f", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1310:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "*** date out of range ***"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1335:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "*** date out of range ***"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1337:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%02d/%02d/%02d", iday, imon, iyr-1900); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1339:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%02d/%02d/%3d", iday, imon, iyr-1900); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1341:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "*** date out of range ***"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:1365:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%02d:%02d:%06.3f", ihr, imn, sec); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/dateutil.c:2073:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (isotime, "%04d-%02d-%02dT%02d:%02d:%02d", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fileutil.c:82:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fileutil.c:131:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fileutil.c:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[256]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fileutil.c:159:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:28:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char imcatname[256] = ""; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trimsec[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:163:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xborder1 = atoi (tx1+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:166:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xborder2 = w - atoi (tx2); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:169:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). yborder1 = atoi (tx3); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:172:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
yborder2 = atoi (tx4) - h; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:761:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setnspix (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:764:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setispix (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:767:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setniterate (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:769:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setborder (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:771:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
setmaxrad (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:773:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setminrad (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:777:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setmaxwalk (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/findstar.c:779:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setminsep (atoi (parvalue)); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsbuf[2884]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:87:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char extname[32]; /* FITS extension name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extnam[32]; /* Desired FITS extension name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:128:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). extnum = atoi (ext+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:524:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (inpath, O_RDONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:564:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:618:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tname[12]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:619:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:620:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tform[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:663:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tname, "TBCOL%d", ifield+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:670:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tname, "TFORM%d", ifield+1);; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:677:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pw[ifield].kl = atoi (tf1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:681:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (tname, "TTYPE%d", ifield+1);; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:802:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:819:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:836:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:853:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:904:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = open (filename, O_WRONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:911:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_RDWR+O_CREAT, 0666); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:943:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_WRONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:951:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_APPEND, 0666); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1181:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdout = open (filename, O_WRONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1188:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fdout = open (filename, O_RDWR+O_CREAT, 0666); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1267:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_WRONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1274:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_RDWR+O_CREAT, 0666); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1312:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1327:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.h:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char kname[10]; /* Keyword for table entry */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:108:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char flds[15][8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16],decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:114:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[0], "CTYPE1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:115:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[1], "CTYPE2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:116:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[2], "CRVAL1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:117:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[3], "CRVAL2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:118:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[4], "CDELT1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:119:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[5], "CDELT2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:120:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[6], "CRPIX1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:121:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[7], "CRPIX2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:122:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (flds[8], "CROTA1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:123:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[9], "CROTA2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:124:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[10], "IMWCS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:125:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[11], "CD1_1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:126:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[12], "CD1_2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:127:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[13], "CD2_1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:128:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[14], "CD2_2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:204:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:207:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:214:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d", i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:228:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PC%03d%03d", i, j); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:253:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:294:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:304:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:353:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char vimoswcsproj[8]="TAN"; /* WCS projection name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:370:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wcstemp[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:403:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (wcstemp, "RA---"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:406:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcstemp, "DEC--"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:457:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:460:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "CO1_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:465:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsvimoswcs.c:468:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortcat.c:32:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char catdir[64]="/data/catalogs"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortcat.c:69:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[64]; /* Title of catalog */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortcat.c:120:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[64]; /* Title of catalog */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:16:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cdn[64]="/data/gsc1"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:19:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cds[64]="/data/gsc2"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char inpath[64]; /* Pathname for input FITS table file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[100]; /* Buffer for FITS table row */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:160:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[0].kname,"GSC_ID"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:161:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[1].kname,"RA_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:162:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[2].kname,"DEC_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:163:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[3].kname,"POS_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:164:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[4].kname,"MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:165:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[5].kname,"MAG_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:166:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[6].kname,"MAG_BAND"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:167:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[7].kname,"CLASS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char inpath[64]; /* Pathname for input FITS table file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[100]; /* Buffer for FITS table row */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:447:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[0].kname,"GSC_ID"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:448:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[1].kname,"RA_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:449:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[2].kname,"DEC_DEG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:450:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[3].kname,"POS_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:451:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[4].kname,"MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:452:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[5].kname,"MAG_ERR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:453:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[6].kname,"MAG_BAND"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:454:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kw[7].kname,"CLASS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:605:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zdir[24][8]={"n0000","n0730","n1500","n2230","n3000","n3730","n4500", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tabpath[64]; /* Pathname for regions table */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:639:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsline[120]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:648:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[0].kname,"REG_NO"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:649:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[1].kname,"RA_H_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:650:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[2].kname,"RA_M_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:651:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[3].kname,"RA_S_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:652:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[4].kname,"RA_H_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:653:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[5].kname,"RA_M_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:654:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[6].kname,"RA_S_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:655:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[7].kname,"DECSI_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:656:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[8].kname,"DEC_D_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:657:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (rkw[9].kname,"DEC_M_LOW"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:658:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[10].kname,"DECSI_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:659:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[11].kname,"DEC_D_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:660:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (rkw[12].kname,"DEC_M_HI"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:671:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (tabpath,"/tables/regions.tbl"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:680:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (tabpath,"/tables/regions.tbl"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/gscread.c:859:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sgn[4]; /* Sign of declination */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:58:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[VLENGTH+1]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:542:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keywordi[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:544:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyform[8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:551:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (keyform, "%s_%d"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:555:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyform, "%s_%02d");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:559:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyform, "%s_%03d");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:684:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cval[80];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:686:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwhite[2];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:687:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char squot[2], dquot[2], lbracket[2], rbracket[2], slash[2], comma[2];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:688:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[81]; /* large for ESO hierarchical keywords */
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:689:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:819:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ipar = atoi (brack1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1106:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  deg = (double) atoi (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1113:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = (double) atoi (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1123:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = (double) atoi (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1130:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = sign * (double) atoi (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:63:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:66:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value,"%d",ival);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:83:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:86:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value,"%d",ival);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:102:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:105:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value,"%f",rval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:121:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:124:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value,"%g",dval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:141:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:142:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char format[8];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:147:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (format, "%%.%dg", -ndec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:153:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (format, "%%.%df", ndec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:171:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:190:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:210:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[8];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:236:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyroot[8], newkey[12], *v, value[80];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:312:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[80];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:359:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:360:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newcom[50];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:529:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:750:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstring[64];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:791:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%09.6f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:803:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%08.5f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:815:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%07.4f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:827:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%06.3f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:839:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%05.2f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:851:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%04.1f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:863:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%02d:%02d:%04.1f",hours,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:894:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstring[64];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:939:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%09.6f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:950:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%08.5f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:961:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%07.4f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:972:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%06.3f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:983:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%05.2f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:994:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%04.1f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1005:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (tstring,"%c%02d:%02d:%04.1f",sign,degrees,minutes,seconds);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1030:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char degform[8];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1032:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstring[64];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1052:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (degform, "%%%d.%df", field, ndec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1056:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (degform, "%%%4d", field);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1082:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numform[8];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1086:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numform, "%%%d.%df", field, ndec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1090:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numform, "%%%dd", field);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1096:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numform, "%%.%df", ndec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1100:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%d", (int)num);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:40:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char val[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:276:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *value,val[30];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:342:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cval[500];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:344:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwhite[8];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:345:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lbracket[2],rbracket[2];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:346:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:347:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[500];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:394:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ipar = atoi (c1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:39:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ctypes[28][4]; /* 3-letter codes for projections */
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:67:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rstr[64], dstr[64], temp[16], cstr[16];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:125:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (temp,"RA---");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:128:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (temp,"DEC--");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:437:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[0], "DSS");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:438:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[1], "AZP");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:439:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[2], "TAN");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:440:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[3], "SIN");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:441:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[4], "STG");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:442:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[5], "ARC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:443:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy (ctypes[6], "ZPN");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:444:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[7], "ZEA");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:445:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[8], "AIR");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:446:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[9], "CYP");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:447:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[10], "CAR");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:448:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[11], "MER");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:449:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[12], "CEA");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:450:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[13], "COP");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:451:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[14], "COD");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:452:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[15], "COE");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:453:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[16], "COO");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:454:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[17], "BON");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:455:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[18], "PCO");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:456:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[19], "GLS");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:457:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[20], "PAR");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:458:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[21], "AIT");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:459:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[22], "MOL");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:460:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy (ctypes[23], "CSC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:461:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[24], "QSC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:462:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[25], "TSC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:463:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[26], "NCP");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imgetvimoswcs.c:464:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (ctypes[27], "TNX");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:176:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fd = fopen (filename, "r"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:247:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pixname[SZ_IM2PIXFILE+1]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpixname[SZ_IM2HDRFILE+1]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:256:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen (bang + 1, "r"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:258:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen (pixname, "r"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:267:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = fopen (newpixname, "r"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:437:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *fhead, *fhead1, *fp, endline[81]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:439:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsline[81]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:595:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (fitsline, "IRAF header file name"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:627:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (fitsline, "IRAF .pix pixel file"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:813:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = open (hdrname, O_WRONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:820:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (hdrname, O_RDWR+O_CREAT, 0666); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:857:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pixname[SZ_IM2PIXFILE+1]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:909:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (pixname, O_WRONLY); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:916:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (pixname, O_RDWR+O_CREAT, 0666); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1022:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *fitsend, *fitsp, pixfile[SZ_IM2PIXFILE], hdrfile[SZ_IM2HDRFILE]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1023:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[SZ_IM2TITLE], temp[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1139:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp, "HDR$"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1145:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp, "HDR$"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1165:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp, "HDR$"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1675:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imio.c:865:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char history[128]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:251:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char flds[15][8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16], ctype2[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:256:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[0], "CTYPE1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:257:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (flds[1], "CTYPE2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:258:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[2], "CRVAL1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:259:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[3], "CRVAL2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:260:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[4], "CDELT1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:261:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[5], "CDELT2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:262:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[6], "CRPIX1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:263:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[7], "CRPIX2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:264:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[8], "CROTA1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:265:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[9], "CROTA2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:266:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[10], "IMWCS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:267:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[11], "CD1_1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:268:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[12], "CD1_2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:269:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[13], "CD2_1"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:270:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[14], "CD2_2"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:502:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:505:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imrotate.c:509:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d", i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:53:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char defcatname[8]; /* default catalog name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:66:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char matchcat[32]=""; /* Match catalog name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:118:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[32], dstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refcoor[8]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:451:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char rastr[32], decstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:761:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[32], dstr[32], numstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:32:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[128]; /* Name for output image */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[128]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:299:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((flist = fopen (listfile, "r")) == NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:383:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[128]; /* Name for revised image */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:384:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pixname[128]; /* Pixel file name for revised image */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:385:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:514:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp,"%1d",rot); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:516:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (temp,"%2d",rot); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:518:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp,"%3d",rot); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:520:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp,"%4d",rot); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:526:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (newname, "w.fits"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:528:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (pixname, "HDR$"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:530:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (pixname, "w.pix"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:532:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (newname, "w.imh"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16], decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vpar[16]; /* List of parameters to fit */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:278:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (vpar, "%d", pfit); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:346:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcstring[64]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:462:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:470:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1025]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:475:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[256]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:486:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fd = fopen (filename, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:687:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16], decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:691:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vpar[16]; /* List of parameters to fit */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:788:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (vpar, "%d", pfit); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:856:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcstring[64]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:975:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16],decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:1227:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16], decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:1268:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16],decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/platefit.c:198:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char rastr[16], decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/platepos.c:343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/platepos.c:347:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/platepos.c:351:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/polyfit.c:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16], decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:386:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:654:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[TABMAX]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:724:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:760:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyid, "ID"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:762:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyid, "id"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:781:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyra, "RA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:783:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keyra, "ra"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:785:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyra, "ra"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:795:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "DEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:797:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "dec"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:799:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "dec"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:809:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keymag1, "MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:811:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keymag1, "MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:813:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keymag1, "MAG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:815:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keymag1, "magr"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:825:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keymag2, "magb"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:827:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keymag2, "magr"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:833:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (sc->keyrpm, "URA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:835:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "ura"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:837:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "Ura"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:839:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "Ux"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:845:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydpm, "UDEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:847:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydpm, "udec"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:849:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keydpm, "Udec"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:851:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydpm, "Uy"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:926:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "PEAK"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:928:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "peak"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:930:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "plate"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:934:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "field"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:942:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keytype, "TYPE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:944:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keytype, "type"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1039:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cstr,"%.0f", (dnum * 100000000.0) + 0.1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1088:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cnum[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1112:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cnum,"%.0f", (st->num * 100000000.0) + 0.1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1260:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (tabfile, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1318:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). itab = atoi (tabname); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1493:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1511:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1528:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1545:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1563:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1641:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1661:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1681:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *str0, *str1, *line, *head, keylow[24], keyup[24]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1857:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tnxfit.c:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char rastr[16], decstr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:20:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ty2cd[64]="/data/catalogs/tycho2"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:84:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:525:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (tabpath,"/data/index.dat"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:535:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *star1 = atoi (line); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:538:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *star2 = atoi (line+nchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:592:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (tabpath,"/data/index.dat"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:650:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num1 = atoi (line); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:651:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
num2 = atoi (line+nchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:771:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (ty2path, "/data/catalog.dat"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:784:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (ty2path, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:938:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:29:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char usa1path[64]="/data/usnosa10"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:33:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char usa2path[64]="/data/usnosa20"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ua1path[64]="/data/ua1"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ua2path[64]="/data/ua2"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cdroot[32]="/cdrom"; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:53:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cdname[11][8]={"ua001","ua002","ua003","ua004","ua005","ua006", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ispc[2]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:512:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ispc[2]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:810:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:830:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:874:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char zonepath[64]; /* Pathname for input UA zone file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:893:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:17:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cdu[64]="/data/ujcat/catalog"; /* pathname of UJ 1.0 CDROM */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:83:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[128]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char title[128]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:565:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:584:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:628:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zonepath[128]; /* Pathname for input UJ zone file */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ujcread.c:647:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:75:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char vimoswcserrmsg[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:76:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char vimoswcsfile[256]={""}; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:155:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->c1type,"RA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:156:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->c2type,"DEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:162:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[0],"RA---"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:163:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[1],"DEC--"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:182:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:184:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:281:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:283:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctypes[30][4]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:319:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[0], "LIN"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:320:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[1], "AZP"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:321:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[2], "TAN"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:322:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[3], "SIN"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:323:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[4], "STG"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:324:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[5], "ARC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:325:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (ctypes[6], "ZPN"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:326:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[7], "ZEA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:327:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[8], "AIR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:328:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[9], "CYP"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:329:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[10], "CAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:330:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[11], "MER"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:331:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[12], "CEA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:332:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[13], "COP"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:333:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[14], "COD"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:334:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[15], "COE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:335:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[16], "COO"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:336:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[17], "BON"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:337:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[18], "PCO"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:338:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[19], "GLS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:339:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[20], "PAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:340:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[21], "AIT"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:341:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[22], "MOL"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:342:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (ctypes[23], "CSC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:343:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[24], "QSC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:344:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[25], "TSC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:345:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[26], "NCP"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:346:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[27], "DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:347:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[28], "PLT"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:348:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[29], "TNX"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:463:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"NPOLE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:470:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"SPA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:640:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:661:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char vimoswcstring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1462:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[120]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1463:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comform[120]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1464:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xystring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1476:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (comform, "sgsc -ah %s"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1486:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf (xystring, "%.2f %.2f", xfile, yfile); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1566:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (vimoswcs->radecout+1,"%.4f", vimoswcs->equinox); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1578:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "B1950"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1583:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (vimoswcs->radecout+1,"%.4f", vimoswcs->equinox); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1595:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "J2000"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1674:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (vimoswcs->radecin+1,"%.4f", vimoswcs->equinox); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1686:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecin, "B1950"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1691:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (vimoswcs->radecin+1,"%.4f", vimoswcs->equinox); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1703:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecin, "J2000"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1804:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1824:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf (vimoswcstring,"Off map"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1879:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," galactic"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1886:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," ecliptic"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1888:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," ecliptic"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1896:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," planet"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1898:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," planet"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1906:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," alt-az"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1908:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," alt-az"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1916:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (vimoswcstring," long-npa"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1918:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," long-npa"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1926:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," long-spa"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1928:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring," long-spa"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1976:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (vimoswcstring, " linear"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2371:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char vimoswcscoor0[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2384:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *vimoswcscom0[10]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2405:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char envar[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2412:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (envar, "WCS_COMMAND"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2414:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (envar, "WCS_COMMAND%d", i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:73:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char instrument[32]; /* Instrument name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[4][9]; /* Values of CTYPEn keywords */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:75:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c1type[9]; /* 1st coordinate type code: data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:77:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c2type[9]; /* 2nd coordinate type code: data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:79:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptype[9]; /* projection type code: data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:81:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char units[4][32]; /* Units if LINEAR */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radecsys[32]; /* Reference frame: FK4, FK4-NO-E, FK5, GAPPT*/ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radecout[32]; /* Output reference frame: FK4,FK5,GAL,ECL */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:84:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radecin[32]; /* Input reference frame: FK4,FK5,GAL,ECL */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:92:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char center[32]; /* Center coordinates (with frame) */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.h:99:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *command_format[10]; /* WCS command formats */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isp[4]; /* Spectral type or other 2-char identifier */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objname[32]; /* Object name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:135:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isfil[24]; /* Star catalog file name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:136:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isname[64]; /* Star catalog description */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char incdir[128]; /* Catalog directory pathname */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char incfile[32]; /* Catalog file name */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyid[16]; /* Entry name for ID */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyra[16]; /* Entry name for right ascension */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keydec[16]; /* Entry name for declination */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keymag1[16]; /* Entry name for first or only magnitude */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keymag2[16]; /* Entry name for second magnitude, if present */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyrpm[16]; /* Entry name for right ascension proper motion */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keydpm[16]; /* Entry name for declination proper motion */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keypeak[16]; /* Entry name for integer code */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keytype[16]; /* Entry name for spectral type */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyadd[16]; /* Entry name for additional keyword */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char white[MAXWHITE]; /* Whitespace (separator) characters */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscat.h:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *tok1[MAXTOKENS]; /* Pointers to start of tokens */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:681:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr, "XY"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:712:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr, "B1950"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:714:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (cstr, "B%7.2f", equinox); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:722:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr, "galactic"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:724:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr, "ecliptic"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:727:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr, "J2000"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:729:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cstr, "J%7.2f", equinox); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:737:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr, "PLANET"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcscon.c:1650:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void)sprintf (eqcoor,"%02d:%02d:%06.3f %c%02d:%02d:%05.2f", data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcserrmsg[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:92:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[12]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *upval, value[72]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:107:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (keyword, "WCSNAME"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:201:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ctype1[32], ctype2[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16], keycdelt[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcsname[16]; /* Name of WCS depended on by current WCS */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:270:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"WCSDEP%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:282:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CTYPE1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:286:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CTYPE2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:297:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CTYPE3%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:300:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CTYPE4%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:311:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CUNIT1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:318:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CUNIT2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:329:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CRPIX1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:332:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CRPIX2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:337:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CRVAL1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:340:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CRVAL2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:357:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"LONPOLE%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:361:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"LATPOLE%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:370:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PROJR0%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:374:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PV%d%c",i, mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:382:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CD1_1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:384:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CD1_2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:386:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CD2_1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:388:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CD2_2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:390:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keycdelt, "CDELT1%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:394:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "PLATE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:396:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:403:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:447:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "CDELT2%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:540:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (keyword,"CROTA2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:543:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CROTA1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:605:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:607:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:619:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PPO%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:625:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"AMDX%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:631:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"AMDY%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:636:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c1type, "RA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:637:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c2type, "DEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:638:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:643:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[0], "RA---DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:644:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[1], "DEC--DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:820:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys, "LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:824:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:826:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systring[32], eqstring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:870:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radeckey[16], eqkey[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:876:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (eqkey, "EQUINOX%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:878:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (eqkey, "EQUINOX"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:882:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (radeckey,"RADESYS%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:884:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (radeckey, "RADECSYS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:890:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:891:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:895:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:896:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:941:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:973:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"GALACTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:975:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ECLIPTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:977:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (vimoswcs->radecsys,"SGALACTC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:979:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"HELIOECL"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:981:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ALTAZ"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:983:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:989:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:991:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:32:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcserrmsg[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[32], ctype2[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:199:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PROJP%d",i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:212:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "PLATE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:214:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CO1_%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:221:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:419:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:421:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:433:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PPO%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:439:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"AMDX%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:445:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"AMDY%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:450:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c1type, "RA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:451:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c2type, "DEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:452:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:457:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[0], "RA---DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:458:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[1], "DEC--DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:630:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys, "LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:634:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:636:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:663:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systring[32], eqstring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:671:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:672:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (systring, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:676:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:677:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:722:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:754:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"GALACTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:756:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ECLIPTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:758:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"SGALACTC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:760:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"HELIOECL"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:762:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ALTAZ"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:764:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:770:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:772:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:32:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcserrmsg[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[32], ctype2[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:199:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PROJP%d",i); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:212:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "PLATE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:214:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CO1_%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:221:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:419:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:421:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:433:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PPO%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:439:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"AMDX%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:445:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"AMDY%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:450:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c1type, "RA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:451:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c2type, "DEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:452:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:457:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[0], "RA---DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:458:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[1], "DEC--DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:630:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys, "LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:634:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:636:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:663:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systring[32], eqstring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:671:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:672:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (systring, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:676:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:677:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:722:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:754:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"GALACTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:756:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ECLIPTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:758:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"SGALACTC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:760:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"HELIOECL"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:762:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ALTAZ"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:764:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:770:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:772:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcserrmsg[80]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[12]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *upval, value[72]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:109:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (keyword, "WCSNAME"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:203:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ctype1[32], ctype2[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16], keycdelt[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vimoswcsname[16]; /* Name of WCS depended on by current WCS */ data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:270:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"WCSDEP%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:282:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CTYPE1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:286:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CTYPE2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:297:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CTYPE3%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:300:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CTYPE4%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:311:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CUNIT1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:318:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CUNIT2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:329:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CRPIX1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:332:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CRPIX1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:337:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CRVAL1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:340:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CRVAL2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:357:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"LONPOLE%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:361:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"LATPOLE%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:370:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PROJR0%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:374:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PV%d%c",i, mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:382:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CD1_1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:384:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CD1_2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:386:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CD2_1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:388:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CD2_2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:390:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keycdelt, "CDELT1%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:394:12: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "PLATE"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:396:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:403:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:447:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "CDELT2%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:540:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (keyword,"CROTA2%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:543:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CROTA1%c",mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:605:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:607:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:619:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PPO%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:625:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"AMDX%d", i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:631:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"AMDY%d",i+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:636:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c1type, "RA"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:637:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->c2type, "DEC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:638:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void)strcpy (vimoswcs->ptype, "DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:643:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[0], "RA---DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:644:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->ctype[1], "DEC--DSS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:819:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys, "LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:823:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:825:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecout, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:868:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systring[32], eqstring[32]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radeckey[16], eqkey[16]; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:875:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (eqkey, "EQUINOX%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:877:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (eqkey, "EQUINOX"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:881:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (radeckey,"RADESYS%c", mchar); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:883:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (radeckey, "RADECSYS"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:889:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:890:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:894:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ieq = atoi (eqstring+1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:895:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:940:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (systring,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:972:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"GALACTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:974:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (vimoswcs->radecsys,"ECLIPTIC"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:976:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
  strcpy (vimoswcs->radecsys,"SGALACTC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:978:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (vimoswcs->radecsys,"HELIOECL");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:980:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (vimoswcs->radecsys,"ALTAZ");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:982:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (vimoswcs->radecsys,"LINEAR");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:988:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (vimoswcs->radecsys,"FK5");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:990:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (vimoswcs->radecsys,"FK4");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:426:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char requir[9];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:459:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(vimoswcs->pcode, "%.3s", &ctype[j][5]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:463:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vimoswcs->lngtyp, "RA");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:464:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vimoswcs->lattyp, "DEC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:469:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vimoswcs->lngtyp, "RA");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:470:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vimoswcs->lattyp, "DEC");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:475:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(vimoswcs->lngtyp, "%cLON", ctype[j][0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:476:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(vimoswcs->lattyp, "%cLAT", ctype[j][0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:481:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(vimoswcs->lngtyp, "%cLON", ctype[j][0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:482:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(vimoswcs->lattyp, "%cLAT", ctype[j][0]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:555:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vimoswcs->pcode, "SIN");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:689:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(vimoswcs->pcode, "SIN");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.h:165:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char pcodes[25][4];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.h:239:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pcode[4];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.h:240:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lngtyp[5], lattyp[5];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcspoly.c:200:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcspoly.c:205:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PX1_%d",i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcspoly.c:211:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PX2_%d",i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcspoly.c:227:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcspoly.c:231:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PX1_%d",i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcspoly.c:236:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PX2_%d",i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:78:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char srchurl[LINE];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:79:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[64];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:84:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:99:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",dtemp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:104:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "dra=%.3f&",dtemp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:107:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "ddec=%.3f&",dtemp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:111:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "mag1=%.2f&mag=%.2f&",mag1,mag2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:115:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "epoch=%.5f&", epout);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:128:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (srchurl, "?ra=%.7f&dec=%.7f&", ra, dec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:131:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",dtemp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:136:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",dtemp*60.0);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:138:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",ddec*60.0);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:141:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "nout=%d&mime=skycat", nstarmax);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:153:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (srchurl, "?ra=%.7f&dec=%.7f&", ra, dec);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:156:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",dtemp);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:160:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",dra*3600.0);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:162:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "radius=%.3f&",ddec*3600.0);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:166:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "mag=%.2f,%.2f&", mag1, mag2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:169:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "format=8&sort=mr");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:223:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char srchurl[LINE];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:224:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numlist[LINE];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:225:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numstr[32];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:226:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char csys[32];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:229:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title[64]; /* Description of catalog (returned) */
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:233:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:234:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[64];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:254:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "epoch=%.5f&", epout);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:294:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linebuff[LINE];
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:558:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[MAXHOSTNAMELENGTH + 12]; /* name of host */
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:606:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&adrinet->sin_addr, hp->h_addr_list[0], hp->h_length);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_cat.c:287:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[FILENAME_SZBUF];
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:493:34: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  stream = is_debug ? stdout : fopen("/dev/null", "a");
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:655:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  = svalue ? atoi(svalue) : cpl_parameter_get_default_bool(p);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:661:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  = svalue ? atoi(svalue) : cpl_parameter_get_default_int(p);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:1030:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[LINE_LEN_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:1031:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[LINE_LEN_MAX + 1], group[LINE_LEN_MAX + 1], tag[LINE_LEN_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_plugin.c:1037:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(name, "r");
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_utils.c:1010:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  stream = fopen(rawfile, "r");
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_wlxcorr.c:738:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title_loc[1024] ;
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_utils-test.c:130:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zero[100] = {0};
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_utils-test.c:168:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[32] = "";
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_utils-test.c:256:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename1, "w");
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_utils-test.c:260:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename2, "w");
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_wlxcorr-test.c:134:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ? fopen("/dev/null", "a") : stdout;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/dict.c:1200:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char input_t[256];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/dict.c:1239:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new, str, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/dict.c:1465:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dictnum = atoi(tok1);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/dict.c:1478:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dict1 = atoi(tok1), dict2 = atoi(tok2);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/dict.c:1478:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int dict1 = atoi(tok1), dict2 = atoi(tok2);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/hash.c:851:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char input_t[256];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/hash.c:885:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new, str, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/list.c:781:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char input_t[256];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/list.c:820:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new, str, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/md5.c:103:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/md5.h:10:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char in[64];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/md5.h:16:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void MD5Final(unsigned char digest[16], struct MD5Context *context);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:409:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (!memcpy(db_value->value, value, sz)) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:1059:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cfgline[PIL_LINE_LENGTH_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:1060:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grpname[PIL_LINE_LENGTH_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:1061:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[PIL_LINE_LENGTH_MAX + 1], keyvalue[PIL_LINE_LENGTH_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildate.c:57:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char timeISO8601[TIME_ISO8601_LENGTH];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:137:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[PIL_PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:212:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s, instrument, strlen(instrument) + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:707:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(cfgfile = fopen(filename, "w")))
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:776:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(cfgfile = fopen(filename, "r"))) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:807:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(cfgfile = fopen(filename, "r"))) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:836:34: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (filename && (cfgfile = fopen(filename, "r"))) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:844:34: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (filename && (cfgfile = fopen(filename, "r"))) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:150:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char spath[PIL_PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:151:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char tpath[2 * (PIL_PATHNAME_MAX + 1)]; /* Avoid buffer overflow */ data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:287:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fits_record[FITS_RECORD_SIZE]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:290:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((file = fopen(filename, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:331:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char paf_record[PAF_RECORD_SIZE + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:334:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((file = fopen(filename, "r"))) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:394:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char basename[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:397:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tfile[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:451:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dirname[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:511:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char expanded_path[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:513:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tpath[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char card[PIL_FITS_CARD_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[PIL_FITS_CARD_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[PIL_FITS_VALUE_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[2]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:498:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TLOGICAL, (char *)keyName, f[value], (char *)comment, &status)) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:674:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:738:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:805:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:872:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:956:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datecard[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:957:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1088:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dummy[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1266:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1325:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1410:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char datamd5[MD5HASHSZ+1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1412:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char digest[16]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[PIL_FITS_BLOCK_SIZE]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1428:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((in = fopen(filename, "r")) == NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfits.c:1540:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(datamd5, data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframe.c:275:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(frame->filename, filename, length); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:446:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sofline[PIL_LINE_LENGTH_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:450:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fp = fopen(filename, "r"))) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:455:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[PIL_LINE_LENGTH_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:456:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char group[PIL_LINE_LENGTH_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:457:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tag[PIL_LINE_LENGTH_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframeset.c:541:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:81:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char recipeName[MAX_RECIPE_NAME] = "Undefined"; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char logfileName[MAX_LOGFILE_NAME] = ".logfile"; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_MESSAGE_LENGTH + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_MESSAGE_LENGTH + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:273:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char messageText[MAX_MESSAGE_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:274:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char messageLog[MAX_MESSAGE_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:275:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char messageTerminal[MAX_MESSAGE_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:347:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(messageTerminal, ": "); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:360:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(messageTerminal, "() "); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:364:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(messageLog, "() "); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:527:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((logfilePointer = fopen(logfileName, "w")) == NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:226:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(record->data.sval, value, sz); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:266:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(record->data.sval, value, sz); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:597:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(record->data.sval, value, sz); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:615:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[PAF_RECORD_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:616:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[PAF_RECORD_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:1616:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(record->comment, comment, sz + 1); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:2408:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). stream = fopen(_pilPAFGetValueString(paf->header, PAF_NAME), "wb"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:2448:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[PAF_RECORD_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:58:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pafName[MAX_PAF_NAME_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:71:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char version[DICT_LINE_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[DICT_LINE_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:79:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fp = fopen(name, "r"))) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:250:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((src = open(srcpath, O_RDONLY)) == -1) data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:258:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dst = open(dstpath, O_CREAT | O_WRONLY | O_TRUNC, data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:571:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char optfmt[64], optname[4096]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:572:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[4096]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:893:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *name = (char *)rpar[np].name; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:986:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char category[PIL_CATEGORY_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1080:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(name, ".fits"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1096:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(name, ".paf"); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1150:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcfile[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1247:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1352:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cwd[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1353:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcfile[PIL_PATHNAME_MAX + 1], dstfile[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1755:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. name = (char *)options[option_index].name; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1982:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile_dir[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2124:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char product_dir[PIL_PATHNAME_MAX + 1], export_dir[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char product_name[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:2283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char product_name[PIL_PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilstrutils.c:86:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, string, sz); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilstrutils.c:122:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(s, string, n); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:401:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tstring[11]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:410:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tstring, "%4d-%02d-%02d", data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:441:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tstring[12]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:450:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tstring, "%02d:%02d:%02d.%03ld", data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:483:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tstring[29]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:530:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tstring[24]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltimer.c:540:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tstring, "%4d-%02d-%02dT%02d:%02d:%02d.%03ld", data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:984:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:985:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char alias[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:986:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:987:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char form[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:988:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:992:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen (filename, "r")) == NULL) { data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1152:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
n = atoi(p); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1224:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char translation[MAX_TRN_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1261:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(p); data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1574:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1575:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alias[PIL_LINE_LENGTH_MAX]; data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1576:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char name[PIL_LINE_LENGTH_MAX];
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1580:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen (filename, "r")) == NULL) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilutils.c:240:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char split[MAX_LENGTH];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/casu_utilfunctions.c:17:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *notabkeys[NNOTABKEYS] = {"^CRVAL[1-2]*$","^CRPIX[1-2]*",
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/casu_utilfunctions.c:306:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[9],key2[9];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/classify.c:97:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *g_colsfull[NCOLFULL] = {"Aper_flux_3","Aper_flux_1","Aper_flux_4",
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/classify.c:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cols[ MAX(NCOL32, NCOLFULL) ], colname[32];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/classify.c:233:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  cols[i] = (char *)g_colsfull[i];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/classify.c:288:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colname,"Areal_%zd_profile",i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table.c:304:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern int imcore_do_seeing_gen(ap_t *ap, const char *col_ellipt,
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table.c:305:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *col_pkht, char *col_areals[NAREAL],
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table.c:305:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *col_pkht, char *col_areals[NAREAL],
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table_6.c:95:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *ttype[NCOLS]={"Sequence_number","Isophotal_flux",
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table_6.c:124:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *tunit[NCOLS]={"Number","ADU",
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table_6.c:273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *areal_colnames[NAREAL];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/create_table_6.c:278:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  areal_colnames[i] = (char *)ttype[g_areal_cols[i]-1];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/catalogue/imcore_conf.c:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char card[64];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_collapse.c:1863:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ddst + y, dsrc, cpl_vector_get_size(src->reject_low));
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_collapse.c:1866:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ddst + y, dsrc, cpl_vector_get_size(src->reject_high));
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:484:18: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  int fd = mkstemp(template);
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:775:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ddata, sdata, naxis1 * naxis2 * sizeof(ddata[0]));
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:1514:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&dstatus[i], cpl_array_get_data_int(lstatus),
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/libmosca/global_distortion.cpp:138:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/libmosca/global_distortion.cpp:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/libmosca/spatial_distortion.cpp:352:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_bias.c:249:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_bias.c:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vimos_names[VIMOS_NEXTN];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_bias.c:603:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile[3][BUFSIZ],dateobs[81];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_dark.c:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_dark.c:457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vimos_names[VIMOS_NEXTN];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_dark.c:730:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile[3][BUFSIZ],dateobs[81];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_det_noise.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extname[11];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_det_noise.c:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_det_noise.c:315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vimos_names[VIMOS_NEXTN];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:379:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bname[BUFSIZ],*vimos_names[VIMOS_NEXTN];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:800:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *fname,*bname,filter[16],dateobs[32];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:435:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:771:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filt[16],projid[16],*fname,bname[BUFSIZ],*junk1,*junk2,pcat[32];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:772:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vimos_names[VIMOS_NEXTN],*assoc[2],photosys[8];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1162:15: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void)strcpy(photosys,"VEGA");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2000:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filt[32];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bname[BUFSIZ],filt[32],*base,*tname,prop[9];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2428:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bname[BUFSIZ],*base,*tname,filt[32],prop[9];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2580:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bname[BUFSIZ],*base,*tname;
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2832:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpfname[BUFSIZ];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:3052:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filter[16];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:640:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filt[16],projid[16],*fname,bname[BUFSIZ],*junk1,*junk2,*pcat;
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:641:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vimos_names[VIMOS_NEXTN],*assoc,photosys[8];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1448:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filt[32];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1634:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filt[32];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_twilight_flat.c:308:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alldesc[SZ_ALLDESC];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_twilight_flat.c:512:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vimos_names[VIMOS_NEXTN];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_twilight_flat.c:893:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile[5][BUFSIZ],dateobs[81],filter[16];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_science.cc:895:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_science.cc:1428:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmbias.cc:532:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmbias.cc:538:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mbiasName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdark.c:624:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char masterDarkName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdark.c:625:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[MAX_COMMENT_LENGTH];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdark.c:1645:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(masterDarkName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:396:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char badPixelImageName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:397:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorImageName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:398:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ccdTableName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:1510:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(ccdTableName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:1542:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(badPixelImageName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:1576:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(errorImageName, "errorImage");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmdet.c:1577:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(errorImageName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:549:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char masterFlatName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:550:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extraName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:551:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char traceName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:552:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char transName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:553:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idsName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:554:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parName[50];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:555:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[5];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:603:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unit[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:604:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[80];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:605:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grismName[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:606:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filterName[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:607:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ifuShutter[10];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1357:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU LOST%d", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1362:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU TRACE%d RMS", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1367:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU REFROW%d", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1372:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU TRACE%d CENTRAL", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1377:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU TRACE%d SLOPE", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1383:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU TRACE%d COEFF%d", slit + 1, i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1475:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU WAVELOST%d", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1478:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "ESO QC IFU WAVECAL%d COEFF%d", slit + 1, i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1725:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(traceName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1742:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colName, "c%d", i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1862:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(idsName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1878:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colName, "c%d", i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:1953:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(transName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2361:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.REFROW%d", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2370:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.LOST%d", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2379:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.TRACE%d.RMS", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2388:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.TRACE%d.CENTRAL", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2397:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.TRACE%d.SLOPE", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2405:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.TRACE%d.COEFF%d", slit + 1, i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2409:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(unit, "pixel"); break;
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2411:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(unit, "pixel/pixel"); break;
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2413:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(unit, "pixel/pixel^%d", i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2416:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(comment, "Median coefficient %d of tracing", i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2692:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.WAVELOST%d", slit + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2698:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.WAVECAL%d.COEFF%d", slit + 1, i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2702:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(unit, "pixel"); break;
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2704:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(unit, "pixel/Angstrom"); break;
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2706:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(unit, "pixel/Angstrom^%d", i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2709:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(comment, "Median coefficient %d of IDS", i);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2806:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(masterFlatName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2855:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(extraName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucalib.c:2883:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(extraName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombine.c:287:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fovName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombine.c:300:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tplStart[24], atplStart[24];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombine.c:476:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fovName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombinecube.cc:368:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cubeName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombinecube.cc:387:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tplStart[24];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombinecube.cc:707:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(cubeName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:388:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outIdsName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:390:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outTraceName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:392:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reducedName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:393:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fovName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:395:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grismName[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:396:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filterName[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:397:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ifuShutter[10];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:491:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tablename[1024];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1032:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(outTraceName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1117:11: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(outIdsName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1671:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(reducedName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1700:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fovName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifuscience.c:1729:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(reducedName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:375:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reducedName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:376:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fovName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:377:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char skyName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:378:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char starName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:379:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sphotTableName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:380:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parName[30];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:382:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grismName[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:383:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filterName[20];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:384:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ifuShutter[10];
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:1844:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.EFFICIENCY%d.LAMBDA", i + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:1848:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(parName, "QC.IFU.EFFICIENCY%d", i + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:1870:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(sphotTableName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2090:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(reducedName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2124:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fovName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2155:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(skyName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifustandard.c:2183:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(starName, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmspphot.c:300:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output1DName[PATHNAME_MAX + 1];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:615:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:641:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:1216:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:1775:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:1929:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:2056:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:2364:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:2574:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:3213:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:3344:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:3748:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:5901:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:5908:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:8404:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trace_id[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:8828:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trace_id[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:8829:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trace_res[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:8830:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trace_mod[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:8831:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:8985:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:9168:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:9597:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:9604:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10364:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10653:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10682:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char offname[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:10683:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11144:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11208:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char offname[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11250:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11388:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11413:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:11414:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:12030:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:12115:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:12228:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:12578:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:13669:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:14528:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:14803:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:15179:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:15324:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_satur = atoi(max_saturated);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:15742:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:15981:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16394:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16434:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d X", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16440:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d Y", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16447:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d X", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16453:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d Y", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16462:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d ID", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16468:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d ID", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16494:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d X", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16500:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d Y", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16507:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d X", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16513:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d Y", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16522:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d ID", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16528:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d ID", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16570:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d X", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16572:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d Y", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16576:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d X", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16578:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d Y", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16592:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d ID", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16595:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d DIMX", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16602:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d BEZIER DY", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16607:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS SLIT%d DIMY", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16630:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d X", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16632:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d Y", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16636:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d X", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16638:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d Y", j+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16652:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d ID", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16655:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d DIMX", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:16662:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO INS REF%d DIMY", i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_impl.cc:284:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_impl.cc:2198:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_mult.cc:291:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_calib_mult.cc:2422:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_chop_region.c:84:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reg[64];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_chop_region.c:118:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf(reg,"[%d:%d,%d:%d]",imin,imax,jmin,jmax);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:217:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char package[PACKSZ];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:294:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char package[PACKSZ];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:341:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(filename, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1083:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(filename, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1262:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(filename, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1526:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(filename, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1566:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(filename, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1615:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(filename, ".fits");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_flat_normalise.cc:102:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *clab[6] = {"c0", "c1", "c2", "c3", "c4", "c5"};
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:317:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:377:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:436:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name1[16],name2[16];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:665:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipname[16];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:684:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  vimos_names[i] = (char *)vimos_oldnames[i];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:687:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  vimos_names[i] = (char *)vimos_newnames[i];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:717:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chipname[16];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.c:1251:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.h:42:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *vimos_newnames[VIMOS_NEXTN] = {"BRIAN","Keith","Tom",
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.h:44:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *vimos_oldnames[VIMOS_NEXTN] = {"CCD-59B","CCD-59A","CCD-60A",
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_imaging_utils.h:67:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_pfits.c:177:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[64];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_response.cc:108:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_response.cc:339:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:208:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:1676:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname[40];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:1703:25: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO QC MOS EFFICIENCY%d LAMBDA",
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:1711:25: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname, "ESO QC MOS EFFICIENCY%d", i + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_science_impl.cc:2407:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:429:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char descVal[81];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:483:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strValue[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadf.c:1720:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char descVal[81];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmadfifutable.c:50:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmccdtable.c:248:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char instMode[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdetector.c:1359:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[MAX_COMMENT_LENGTH];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdetector.c:1533:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[MAX_COMMENT_LENGTH];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:545:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:567:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string, "%#.14E", optModX->coefs[i][j]);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:586:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string, "%#.14E", optModY->coefs[i][j]);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:828:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:843:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string, "%#.14E", crvMod->coefs[i]->coefs[j][k]);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:962:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmdistmodels.c:978:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string, "%#.14E", idsMat->coefs[i]->coefs[j][k]);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:373:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[72];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:781:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:782:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:943:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colName,"CRV_POL_%d",i);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:959:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colName,"INV_DIS_%d",i);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:1236:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:1238:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ttype[84], *tform[84], comment[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:1324:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colName,"CRV_POL_%d",i);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.c:1332:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(colName,"INV_DIS_%d",i);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmextractiontable.h:157:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[VM_DESC_LENGTH];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmfit.c:1072:19: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (i || j) sprintf(pos, " (%d,%d)", i, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmfit.c:1073:19: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  else sprintf(pos, "(%d,%d)", i, j);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmgrismtable.c:100:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char descName[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmgrismtable.c:101:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment[80];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmgrismtable.c:122:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(descName,"ESO PRO SKY WLEN%d",i+1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:2388:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:2830:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:2977:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3071:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3239:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colName[MAX_COLNAME];
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3505:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3743:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3744:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bakName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3887:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char distance[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:3888:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flux[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4025:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char distance[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4026:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flux[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4146:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char distance[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4147:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flux[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4460:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4575:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4684:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4869:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:4971:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5052:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5158:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colTrace[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5159:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char colSpectrum[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5379:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colTrace[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5380:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colSpectrum[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5483:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colTrace[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5484:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colSpectrum[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5676:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colSpectrum[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:5959:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6176:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6370:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6503:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6576:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colName[MAX_COLNAME]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifu.c:6583:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tablename[1024]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifufibers.c:94:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifufibers.c:1576:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuflat.c:68:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuflat.c:133:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuimage.c:64:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuimage.c:192:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifusky.c:70:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifusphotcalib.c:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.c:402:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char fileName[20] = "ifuTable.dat"; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.c:403:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ofp = fopen(fileName, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.c:458:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.c:776:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ttype[84], *tform[84]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifutable.h:218:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[VM_DESC_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuutils.c:66:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmifuutils.c:481:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:152:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[FLEN_KEYWORD], value[FLEN_VALUE], value1[FLEN_VALUE]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:153:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[FLEN_COMMENT], comment1[FLEN_COMMENT]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:154:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[1]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:234:33: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tDesc = newIntDescriptor(name, atol(value), comment); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:3071:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(extNames[i-2],"Not found"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimageset.c:276:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inImaName[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimageset.c:290:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((ifp = fopen(imageList,"r")) == NULL) data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:350:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valcoefX[80], valcoefY[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:351:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:549:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valcoefX[80],valcoefY[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:550:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:727:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:728:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valcoef[80] = "0."; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:852:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:909:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:922:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(*pafName, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:1187:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:1201:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(*pafName, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:1715:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmlinecatalog.c:104:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmlinecatalog.c:298:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ttype[84], *tform[84]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmossphotcalib.c:105:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmossphotcalib.c:272:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmossphotcalib.c:418:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:894:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grismName[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:895:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grismId[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:951:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grismName[10]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:952:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char grismId[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1480:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mshuString[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1707:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pafName, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1904:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pafName, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2030:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grismName[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2031:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[PATHNAME_MAX + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2051:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pafName, "w"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmoswavecalib.c:140:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmoswavecalib.c:617:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmoswavecalib.c:922:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmoswavecalib.c:1082:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char insMode[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmobjecttable.c:251:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmobjecttable.c:425:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ttype[84], *tform[84]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmobjecttable.h:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[VM_DESC_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:480:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(finalList, acceptedList, acceptedCount * sizeof(VimosImage *)); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:481:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(finalList + acceptedCount, rejectedList, data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:565:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:715:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[COMMENT_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:990:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(descName, "ESO "); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1063:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(descName, "ESO "); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1141:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(descName, "HIERARCH ESO "); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1225:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(descName, "HIERARCH ESO "); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmsphottable.c:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmsphottable.c:251:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ttype[84], *tform[84]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:114:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(newDesc->descName, "Undefined"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1230:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(newCol->colName, "Undefined"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1525:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char descName[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2668:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->colName, name, sz); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3211:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(column->colName, source->colName, sz); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3260:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(column->colValue->p, source->colValue->p, nbytes); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3385:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[FLEN_KEYWORD], value[FLEN_VALUE], value1[FLEN_VALUE]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3386:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[FLEN_COMMENT]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3387:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[1]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3460:33: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tDesc = newIntDescriptor(name, atol(value), comment); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3517:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char charBuf[68]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3702:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tform[colNumber],"%dA",maxLength); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3819:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3957:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:4166:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.h:191:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[VM_DESC_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:986:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errText[50]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1086:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cval[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1096:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errText[50]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1097:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1098:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1099:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char kname[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parName[FLEN_CARD]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parValue[MAX_PLENGTH + 1]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1900:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:1974:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char version[100] = PACKAGE_VERSION; //Defined in config.h data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:596:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char valcoef[80] = "0."; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:669:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:839:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:841:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:854:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys, "LINEAR"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:858:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecout, "FK4"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:860:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (wcs->radecout, "FK5"); data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwindowtable.c:543:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[80]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwindowtable.c:882:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ttype[84], *tform[84]; data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwindowtable.h:173:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[VM_DESC_LENGTH]; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:173:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nf = strlen(p->extname) + strlen(p->fname) + 3; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_fits.c:173:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nf = strlen(p->extname) + strlen(p->fname) + 3; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1137:12: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. 
while (fscanf(fd,"%8191s %1023s %g %g %g %g", data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1403:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (send(sock,buf,strlen(buf),0) < 0) { data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1513:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(buf,url_encode(buf2),BUFSIZ); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_getstds.c:1585:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(instring); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_imcombine.c:279:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(expkey)) { data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_photcal_extinct.c:1011:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(v); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_photcal_extinct.c:1079:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(v); data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_tfits.c:122:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
nf = strlen(p->extname) + strlen(p->fname) + 3; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_tfits.c:122:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nf = strlen(p->extname) + strlen(p->fname) + 3; data/cpl-plugin-vimos-4.1.1+dfsg/casu/src/casu_utils.c:1272:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(out,c,len); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:555:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lpath = strlen (cdpath) + 32; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:596:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (actfile) < 24) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/actread.c:599:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isfil, actfile, 23); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:298:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:330:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:362:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:565:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:616:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strlen (str) < 64) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:627:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strlen (str) < 64) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:637:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strlen (str) < 64) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:657:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (binpath, "/"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:676:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
nr = (int) read (fcat, sc, 28); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:738:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (binfile) < 24) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:741:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isfil, binfile, 23); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:768:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lf = strlen (binfile); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/binread.c:917:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((int)read (sc->entadd, sc->catline, sc->nbent) < 1) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:242:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:267:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:293:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:499:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:571:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (catpath, "/"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:625:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (header, sc->catbuff, lhead); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:629:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (header, sc->catbuff, 79); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:702:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isname, catdesc, ldesc); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:704:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isname, catdesc, 63); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:856:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (st->objname, token, 31); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:965:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy (st->objname, token, 31); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catread.c:1069:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (value) > 0) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:347:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lpath = (strlen (progpath0) + 2) / 8; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:352:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen (progpath); i > -1; i--) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:655:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lstr = strlen (string); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:954:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lstr = strlen (string); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1070:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tokens->lline = strlen (string); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1079:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
naddw = strlen (cwhite); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1224:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (token, tokens->tok1[it], ltok); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1249:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (token, tokens->tok1[it], ltok); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1255:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (token, tokens->tok1[-it], ltok); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1259:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (token, tokens->tok1[1], ltok); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1311:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lastring = string + strlen (string); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1314:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (keyword,keyword0, sizeof(keyword)-1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1327:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat (skey, "="); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/catutil.c:1354:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pval = pval + strlen (skey); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:297:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:326:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:356:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:582:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (star->objname) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:655:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (catpath, "/"); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:693:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen (catname) < 24) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:696:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isfil, catname, 23); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:725:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (header, sc->catbuff+2, lhead-2); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:729:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (header, sc->catbuff+1, lhead-1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:733:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (header, sc->catbuff, lhead); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:840:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isname, catdesc+2, ldesc-2); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:844:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isname, catdesc+1, ldesc-1); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:848:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sc->isname, catdesc, ldesc); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1020:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
  strncpy (st->objname, token, 31);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1165:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (st->objname, token, 31);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ctgread.c:1294:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (value) > 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fileutil.c:187:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = token + strlen (token) - 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:173:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, fitsbuf, nbytes);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:207:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (headnext, fitsbuf, nbr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:234:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (pheader, header, lprim);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:311:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, fitsbuf, nbytes);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:354:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (header, "SIMPLE ", 8);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:372:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (headend, pheader, lprim);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:457:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbread = read (fd, imleft, nbleft);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:685:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpnam[ifield] = strlen (pw[ifield].kname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:761:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, tbuff, nbuff);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:774:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, tbuff, nbline);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:779:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, tbuff1, nbline);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:877:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, entry+kw->kf, length);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fitsfile.c:1220:8: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fdin, image, nbbuff);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortvimoswcs.c:328:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coorsys, getvimoswcsout (vimoswcs), nc);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortvimoswcs.c:376:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coorsys, getvimoswcsin (vimoswcs), nc);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/fortvimoswcs.c:400:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coorsys, getradecsys (vimoswcs), nc);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:115:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:117:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:164:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:166:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:211:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:213:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:308:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:310:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:347:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:349:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:572:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:576:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (stri, value, lstri-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:621:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:625:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (str, value, lstr-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:658:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:715:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (keyword,keyword0, sizeof(keyword)-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:739:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line,vpos,80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:909:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:998:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lhstr = strlen (hstring);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1015:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1122:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (value) > 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1146:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ls1 = strlen (s1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1170:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ls2 = strlen (s2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hget.c:1239:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:149:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen (value); i++)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:214:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (value, "T");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:216:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (value, "F");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:240:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkw = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:249:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lroot = strlen (keyroot);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:259:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcv = strlen (cval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:261:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (newkey, "_");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:316:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:322:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcval = strlen (cval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:328:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (&value[1],cval,lcval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:365:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:366:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:389:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v1, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:395:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1,keyword,7);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:407:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1+9,value,lv1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:432:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, ve, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:442:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, v1, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:458:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (newcom, c1+1, lcom);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:462:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = strlen (newcom);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:475:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1, keyword, lkeyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:484:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, value, lval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:492:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, value, lval);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:503:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, newcom, lcom);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:537:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:539:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = strlen (comment);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:555:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v1, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:560:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1, keyword, lkeyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:576:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, v1, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:594:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (c0, "/ ",2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:602:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (c1, comment, lcom);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:639:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v, v2, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:680:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:684:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:685:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (hplace, keyword, lkey);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:722:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lv2 = strlen (keyword2);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:867:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (tstring) < lstr-1)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:870:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1009:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (tstring) < lstr-1)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1012:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1061:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (tstring) < lstr-1)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/hput.c:1064:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:315:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:319:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (str, value, lstr-1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/iget.c:449:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:263:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:449:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  (void)strncpy (endline,"END", 3);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:493:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fitsheader, endline, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:569:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((lstr = strlen (objname)) < 8) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:594:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (hdrname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:700:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:712:10: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:742:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:753:10: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:769:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, endline, 80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:777:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (endline," ",3);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:779:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fp, endline,80);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:959:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (newpixname, hdrname, SZ_IM2PIXFILE);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:962:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:977:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (newpixname, hdrname, SZ_IM2PIXFILE);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:980:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:997:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (newpixname, hdrname, SZ_IM2PIXFILE);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:998:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imhfile.c:1541:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nc = strlen (string);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:163:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (matchcat) > 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:480:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (imcatname) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:599:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (imcatname) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:624:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (imcatname) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imsetvimoswcs.c:640:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (imcatname) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:284:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = str + strlen (str) - 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:305:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = filename + strlen (filename) - 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:484:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (fname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:486:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lext = strlen (ext);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:487:6: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (newname, fname, lname - lext);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:504:6: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (newname, "_");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:510:6: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (newname, "m");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/imvimoswcs.c:512:6: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (newname, "r");
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/matchstar.c:517:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = nextline + strlen(nextline) - 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/slasubs.c:276:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen ( order );
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:242:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:273:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:305:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:501:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:697:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:749:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (tabname) < 24)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:752:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, tabname, 23);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:765:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:769:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:773:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:788:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyra, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:802:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keydec, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:818:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keymag1, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:862:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (cstr) > 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:894:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (cstr) > 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:947:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keytype, startab->colname[i], startab->lcol[i]);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1040:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lnum = strlen (cstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1113:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lnum = strlen (cnum);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1252:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1261:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1272:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1282:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (tabfile) + 2;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1284:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1296:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1341:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (tabtable->tabname, thisname, nchar);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1345:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (tabname);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1376:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1625:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, entry, ncstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1688:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/tabread.c:1721:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (result, str0, ncstr);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:514:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (str) + 16;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:519:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (ty2cd) + 16;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:583:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tabpath = (char *) malloc (strlen (str) + 16);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:587:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tabpath = (char *) malloc (strlen (ty2cd) + 16);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:760:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen(str) + 18;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:765:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen(ty2cd) + 18;
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:803:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (ty2file) < 24)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/ty2read.c:806:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, ty2file, 23);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/uacread.c:948:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (uapath) > 0)
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:351:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (ctype1, "XLON",4);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:461:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (ctype2+1, "LAT",3);
data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:468:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
strncpy (ctype2+1, "LAT",3); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1431:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lcom = strlen (command); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1558:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (coorsys == NULL || strlen (coorsys) < 1 || data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1567:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecout) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1570:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecout) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1573:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecout) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1584:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecout) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1587:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
i = strlen(vimoswcs->radecout) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1590:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecout) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1667:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (coorsys == NULL || strlen (coorsys) < 1) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1675:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecin) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1678:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecin) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1681:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecin) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1692:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecin) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1695:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
i = strlen(vimoswcs->radecin) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1698:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(vimoswcs->radecin) - 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1842:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy (vimoswcstring,"********* **********",lstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1844:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy (vimoswcstring,"*******************",lstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1869:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy (vimoswcstring,"************* *************",lstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1871:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy (vimoswcstring,"**************************",lstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1934:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (lstr > strlen(vimoswcs->radecout)+1 && vimoswcs->printsys) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1936:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (vimoswcstring," "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1938:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (vimoswcstring," "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1947:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lstring = strlen (rastr) + strlen (decstr) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1947:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lstring = strlen (rastr) + strlen (decstr) + 1; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1948:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lunits = strlen (vimoswcs->units[0]) + strlen (vimoswcs->units[1]) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1948:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lunits = strlen (vimoswcs->units[0]) + strlen (vimoswcs->units[1]) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1951:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->units[0]) > 0) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1952:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (rastr, " "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1955:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->units[1]) > 0) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1956:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (decstr, " "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1970:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy (vimoswcstring,"********** *********",lstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1972:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. 
strncpy (vimoswcstring,"*******************",lstr); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1979:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->units[0]) > 0) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1980:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (vimoswcstring, " "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1983:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->units[1]) > 0) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:1984:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (vimoswcstring, " "); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2338:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { if (strlen (filename) < 256) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2341:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy (vimoswcsfile, filename, 255); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2353:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). { if (strlen (vimoswcsfile) > 0) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcs.c:2394:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lcom = strlen (vimoswcscomm) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsfort.c:328:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (coorsys, getvimoswcsout (vimoswcs), nc); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsfort.c:376:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (coorsys, getvimoswcsin (vimoswcs), nc); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsfort.c:400:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (coorsys, getradecsys (vimoswcs), nc); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:103:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (upname) == 1) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:133:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lstring = strlen (string); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:296:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[2], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:299:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[3], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit.c:819:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->radecsys) == 0 || vimoswcs->prjcode == VIMOSWCS_LIN) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:134:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[2], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:136:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[3], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit0.c:629:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen (vimoswcs->radecsys) == 0 || vimoswcs->prjcode == VIMOSWCS_LIN) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:134:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[2], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:136:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[3], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinit1.c:629:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->radecsys) == 0 || vimoswcs->prjcode == VIMOSWCS_LIN) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:105:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (upname) == 1) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:135:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lstring = strlen (string); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:296:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy (vimoswcs->ctype[2], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:299:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (vimoswcs->ctype[3], ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcsinitm.c:818:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (vimoswcs->radecsys) == 0 || vimoswcs->prjcode == VIMOSWCS_LIN) data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:428:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(vimoswcs->pcode, ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:429:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(requir, ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/vimoswcslib.c:496:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(requir, ""); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:91:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lurl = strlen (caturl); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:183:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:243:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (numlist, ","); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:266:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0) { data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:325:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (server, servurl, lserver); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:329:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lsrch = strlen (srchpar) + strlen (cgipart) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:329:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lsrch = strlen (srchpar) + strlen (cgipart) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:373:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lline = strlen (linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:380:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lline = strlen (linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:413:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nc = nc + strlen (linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:415:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lbuff = 100 * strlen (linebuff); data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:447:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (caturl) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/external/libwcs/webread.c:457:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lname = strlen (srchpar) + 2; data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1171:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. cpl_boolean equal; data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1193:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). 
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1205:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1217:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1229:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1241:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1253:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1264:14: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1279:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_framelist.c:1284:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return equal; data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:923:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t n1 = strlen(va[i]); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:924:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n2 = strlen(vb[i]); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:1283:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t keylen = strlen(keyword_table[mid].name); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:1302:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(record->name) != strlen(name)) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:1302:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(record->name) != strlen(name)) { data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:1306:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char *c = name + strlen(record->name); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2621:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cpl_size extra_length = (extra != NULL ? (cpl_size) strlen(extra) : 0); data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2655:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  name_length = (cpl_size) strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2659:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fragment_length = (cpl_size) strlen(fragment);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2673:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(writepos, fragment, bytesleft);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2676:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(writepos, name, bytesleft);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2683:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(writepos, join_fragment, bytesleft);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2684:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesleft -= (cpl_size) strlen(join_fragment);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2685:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  writepos += (cpl_size) strlen(join_fragment);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2686:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(writepos, extra, bytesleft);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/irplib_sdp_spectrum.c:2690:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(writepos, end_fragment, bytesleft);
data/cpl-plugin-vimos-4.1.1+dfsg/irplib/tests/irplib_utils-test.c:177:21: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  cpl_test_assert(sscanf(line, "%31s %16lf", &str[0], &val) != EOF);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/dict.c:1236:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sz = strlen(str) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/hash.c:882:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sz = strlen(str) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/kazlib/list.c:817:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sz = strlen(str) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:234:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # if (!defined __STDC__ || !__STDC__) && !defined strlen
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:237:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extern int strlen (const char *);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:428:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = nonoption_flags_max_len = strlen (orig_str);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:656:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  == (unsigned int) strlen (p->name))
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:683:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:715:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:731:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:736:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:847:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((unsigned int) (nameend - nextchar) == strlen (p->name))
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:870:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:890:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:904:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/getopt.c:908:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nextchar += strlen (nextchar);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:121:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!name || strlen(name) == 0)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:399:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t sz = strlen(value);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:402:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sz++ > strlen(db_value->value)) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:828:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  parString[count] = (char *)pil_calloc(strlen(db_key) + 5, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:835:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  parString[count] = (char *)pil_calloc(strlen(db_key)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:836:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(db_data->value) + 5,
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:841:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  parString[count] = (char *)pil_calloc(strlen(db_key)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilcdb.c:842:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(db_data->value) + 2,
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:150:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sz != strlen(path))
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:198:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!s || *(s + strlen(instrument)) != '\0') {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:199:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(root);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:203:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(instrument) + 2;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:212:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(s, instrument, strlen(instrument) + 1);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pildfsconfig.c:705:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (filename && strlen(filename) > 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:98:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(path) - 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:160:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(src) > PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:163:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(spath, src, PIL_PATHNAME_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:171:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tpath, "/");
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:177:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tpath, "/");
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:188:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(tpath);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:193:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(tpath);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:197:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz += strlen(s) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:203:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tpath, "/");
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:223:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(tpath) > PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:226:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dest, tpath, PIL_PATHNAME_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:404:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:407:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(tfile, filename, PIL_PATHNAME_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:422:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(basename, s + 1, PIL_PATHNAME_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:424:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(basename, tfile, PIL_PATHNAME_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:470:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dirname, filename, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:537:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(pwordexp.we_wordv[0]) > PIL_PATHNAME_MAX) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:541:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(tpath, pwordexp.we_wordv[0], PIL_PATHNAME_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilfileutils.c:583:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*(filepath + strlen(filepath) - 1) == '/')
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframe.c:266:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((length = strlen(filename)) > PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilframe.c:269:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (length++ > strlen(frame->filename))
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:356:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  startTerminalLine = strlen(messageTerminal);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:371:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(messageLog, " ");
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:372:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(messageTerminal, " ");
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:764:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) >= MAX_RECIPE_NAME) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilmessages.c:765:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(recipeName, name, MAX_RECIPE_NAME);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:137:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = (strlen((char *)value) + 1) * sizeof(char);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:629:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(record->name) + 1 > PAF_RECORD_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:637:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(record->name);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:638:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buffer, record->name, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:664:25: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(value, ".");
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:682:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(value);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:691:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(&buffer[pos], value, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:710:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(&buffer[pos], "# ", 2);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:712:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(record->comment);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:713:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(&buffer[pos], record->comment, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:1210:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:1607:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t sz = strlen(comment);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilpaf.c:1609:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sz != strlen(record->comment)) {
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:187:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen(INSTRUMENT) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:192:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length += strlen(comment) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:234:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen(INSTRUMENT) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:239:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length += strlen(comment) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:242:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length += strlen(unit) + 3;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:283:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen(INSTRUMENT) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:288:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length += strlen(comment) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilqc.c:291:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length += strlen(unit) + 3;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:287:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((rbytes = read(src, buf, blksize)) > 0)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:422:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(group, name, sz);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:593:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(common_options[i++].opt.name);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:600:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(parg[i++].name);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:911:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name = name + strlen(group) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1009:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(path) + strlen(prefix);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1009:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(path) + strlen(prefix);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1039:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(path) + strlen(pilRecGetName());
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1039:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(path) + strlen(pilRecGetName());
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1056:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(path) + strlen(pilFrmGetCategory(frame));
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1056:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(path) + strlen(pilFrmGetCategory(frame));
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1059:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(category, pilFrmGetCategory(frame), PIL_CATEGORY_MAX);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1074:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1079:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sz + strlen(".fits") <= PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1095:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sz + strlen(".paf") <= PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilrecipe.c:1769:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name = name + strlen(group) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilstrutils.c:84:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(string) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltask.c:200:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (argc < 1 || !argv || !argv[0] || strlen(argv[0]) > PIL_PATHNAME_MAX)
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1143:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(p);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/piltranslator.c:1249:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(p);
data/cpl-plugin-vimos-4.1.1+dfsg/libpil/pil/pilutils.c:145:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t = s + strlen(s) - 1;
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_imagelist_io.c:489:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int msgmin = (int)strlen(msg) - 5;
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_imagelist_io.c:502:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int imsgmin = (int)strlen(imsg) - 5;
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_imagelist_io.c:548:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int imsgmin = (int)strlen(imsg) - 5;
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:346:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char * sep = strlen(prefix) > 0 ? "." : "";
data/cpl-plugin-vimos-4.1.1+dfsg/mosca/hdrl/hdrl_utils.c:391:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (val == NULL || strlen(val) == 0) {
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:827:19: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  (void)strncpy(filter,"unknown",16);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:829:19: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  (void)strncpy(dateobs,"1900-01-01T00:00:00.000",32);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_fringe.c:837:15: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  (void)strcpy(outfname,"");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1078:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(pcat,cpl_propertylist_get_string(pp,"EXTNAME"),32);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1087:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(pcat,cpl_propertylist_get_string(pp,"PHOTCAT"),32);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1091:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(pcat,junk1,32);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:1122:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(photosys,cpl_propertylist_get_string(pp,"PHOTOSYS"),8);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_science.c:2793:15: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  (void)strcpy(outfname,"");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:943:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(photosys,cpl_propertylist_get_string(pp,"PHOTOSYS"),8);
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vimos_ima_standard.c:1829:15: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  (void)strcpy(outfname,"");
data/cpl-plugin-vimos-4.1.1+dfsg/recipes/vmifucombinecube.cc:509:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(tplStart, astart, 24);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/moses.c:19570:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int nbands = strlen(bands);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:337:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *filename = cpl_calloc(strlen(category) + 6, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1080:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filename = cpl_calloc(strlen(category) + 6, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1255:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filename = cpl_calloc(strlen(category) + 6, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1513:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char * filename = cpl_calloc(strlen(tag) + 6, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1552:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char * filename = cpl_calloc(strlen(tag) + 6, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vimos_dfs.c:1604:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char * filename = cpl_calloc(strlen(tag) + 6, sizeof(char));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmccdtable.c:66:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(currentColumn->colName,"X");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmccdtable.c:71:9: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(currentColumn->colName,"Y");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmcpl.c:443:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  group = context + strlen("vimos.");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmfit.c:686:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < (int)strlen(s); i++) {
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmfit.c:1074:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos += strlen(pos);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:189:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen(name) == 0 ) {
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimage.c:201:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(comment1);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimageset.c:305:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nChar = strlen(inImaName);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:918:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = sizeof(char) * (strlen(namePAF)+7);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmimgutils.c:1197:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = sizeof(char) * (strlen(namePAF)+7);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1701:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = sizeof(char) * (strlen(namePAF)+7);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:1898:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = sizeof(char) * (strlen(namePAF)+7);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmmosutils.c:2047:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(filename) + 1;
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:983:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  descName = cpl_malloc((strlen(name) + 5) * sizeof(char *));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1056:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  descName = cpl_malloc((strlen(name) + 5) * sizeof(char *));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1134:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  descName = cpl_malloc((strlen(name) + 15) * sizeof(char *));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmqcutils.c:1218:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  descName = cpl_malloc((strlen(name) + 15) * sizeof(char *));
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:140:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(newDesc->descComment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:241:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(value);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:652:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tDesc->len = strlen(value);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1032:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar = strlen(str);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1045:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((pos+strlen(pos)) == (descName+nchar)) delDesc = currDesc;
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1640:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar = strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1673:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((pos + strlen(pos)) == (descName + nchar)) {
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1731:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1742:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1767:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1795:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1806:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1831:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1859:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1874:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1902:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1930:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1941:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1966:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1992:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(val, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:1995:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2003:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(val, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2006:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2028:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(val, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2031:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2082:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2093:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2127:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2156:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2167:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2201:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2231:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2242:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2276:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "");
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:2665:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((sz = strlen(name)) > VM_DESC_LENGTH - 1)
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3206:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((sz = strlen(name)) > VM_DESC_LENGTH - 1) {
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3429:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen(name) == 0 ) {
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmtable.c:3697:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(stArray[i])+1;
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:137:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nBlanks = PAF_VALUE_POSITION - strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:175:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nBlanks = PAF_VALUE_POSITION - strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmutils.c:211:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nBlanks = PAF_VALUE_POSITION - strlen(name);
data/cpl-plugin-vimos-4.1.1+dfsg/vimos/vmwcsutils.c:853:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (wcs->radecsys) == 0 || wcs->prjcode == VIMOSWCS_LIN)

ANALYSIS SUMMARY:

Hits = 2786
Lines analyzed = 330200 in approximately 8.56 seconds (38583 lines/second)
Physical Source Lines of Code (SLOC) = 186089
Hits@level = [0] 1193 [1] 513 [2] 1583 [3] 67 [4] 603 [5] 20
Hits@level+ = [0+] 3979 [1+] 2786 [2+] 2273 [3+] 690 [4+] 623 [5+] 20
Hits/KSLOC@level+ = [0+] 21.3822 [1+] 14.9713 [2+] 12.2146 [3+] 3.7079 [4+] 3.34786 [5+] 0.107475
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.