Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cpprest-2.10.16/Release/include/cpprest/astreambuf.h
Examining data/cpprest-2.10.16/Release/include/cpprest/asyncrt_utils.h
Examining data/cpprest-2.10.16/Release/include/cpprest/base_uri.h
Examining data/cpprest-2.10.16/Release/include/cpprest/containerstream.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/SafeInt3.hpp
Examining data/cpprest-2.10.16/Release/include/cpprest/details/basic_types.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/cpprest_compat.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/fileio.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/http_helpers.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/http_server.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/http_server_api.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/nosal.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/resource.h
Examining data/cpprest-2.10.16/Release/include/cpprest/details/web_utilities.h
Examining data/cpprest-2.10.16/Release/include/cpprest/filestream.h
Examining data/cpprest-2.10.16/Release/include/cpprest/http_client.h
Examining data/cpprest-2.10.16/Release/include/cpprest/http_compression.h
Examining data/cpprest-2.10.16/Release/include/cpprest/http_headers.h
Examining data/cpprest-2.10.16/Release/include/cpprest/http_listener.h
Examining data/cpprest-2.10.16/Release/include/cpprest/http_msg.h
Examining data/cpprest-2.10.16/Release/include/cpprest/interopstream.h
Examining data/cpprest-2.10.16/Release/include/cpprest/json.h
Examining data/cpprest-2.10.16/Release/include/cpprest/oauth1.h
Examining data/cpprest-2.10.16/Release/include/cpprest/oauth2.h
Examining data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h
Examining data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h
Examining data/cpprest-2.10.16/Release/include/cpprest/streams.h
Examining data/cpprest-2.10.16/Release/include/cpprest/uri.h
Examining data/cpprest-2.10.16/Release/include/cpprest/uri_builder.h
Examining data/cpprest-2.10.16/Release/include/cpprest/version.h
Examining data/cpprest-2.10.16/Release/include/cpprest/ws_client.h
Examining data/cpprest-2.10.16/Release/include/cpprest/ws_msg.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplx.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplxcancellation_token.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplxconv.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplxinterface.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplxlinux.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplxtasks.h
Examining data/cpprest-2.10.16/Release/include/pplx/pplxwin.h
Examining data/cpprest-2.10.16/Release/include/pplx/threadpool.h
Examining data/cpprest-2.10.16/Release/samples/BingRequest/bingrequest.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Client/BlackJackClient.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/BlackJack_Server.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/Dealer.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/Table.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/Table.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/messagetypes.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/stdafx.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/stdafx.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/App.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/App.xaml.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/CardShape.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/CardShape.xaml.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/Player.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/Player.xaml.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/PlayingTable.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/PlayingTable.xaml.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/messagetypes.h
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/pch.cpp
Examining data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_UIClient/pch.h
Examining data/cpprest-2.10.16/Release/samples/CasaLens/casalens.cpp
Examining data/cpprest-2.10.16/Release/samples/CasaLens/casalens.h
Examining data/cpprest-2.10.16/Release/samples/CasaLens/datafetcher.cpp
Examining data/cpprest-2.10.16/Release/samples/CasaLens/stdafx.cpp
Examining data/cpprest-2.10.16/Release/samples/CasaLens/stdafx.h
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/App.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/App.xaml.h
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/Facebook.cpp
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/Facebook.h
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/MainPage.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/MainPage.xaml.h
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/pch.cpp
Examining data/cpprest-2.10.16/Release/samples/FacebookDemo/pch.h
Examining data/cpprest-2.10.16/Release/samples/OAuth2Live/App.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/OAuth2Live/App.xaml.h
Examining data/cpprest-2.10.16/Release/samples/OAuth2Live/MainPage.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/OAuth2Live/MainPage.xaml.h
Examining data/cpprest-2.10.16/Release/samples/OAuth2Live/pch.cpp
Examining data/cpprest-2.10.16/Release/samples/OAuth2Live/pch.h
Examining data/cpprest-2.10.16/Release/samples/Oauth1Client/Oauth1Client.cpp
Examining data/cpprest-2.10.16/Release/samples/Oauth2Client/Oauth2Client.cpp
Examining data/cpprest-2.10.16/Release/samples/SearchFile/searchfile.cpp
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/App.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/App.xaml.h
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/MainPage.xaml.cpp
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/MainPage.xaml.h
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/live_connect.h
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/pch.cpp
Examining data/cpprest-2.10.16/Release/samples/WindowsLiveAuth/pch.h
Examining data/cpprest-2.10.16/Release/src/http/client/http_client.cpp
Examining data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp
Examining data/cpprest-2.10.16/Release/src/http/client/http_client_impl.h
Examining data/cpprest-2.10.16/Release/src/http/client/http_client_msg.cpp
Examining data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp
Examining data/cpprest-2.10.16/Release/src/http/client/http_client_winrt.cpp
Examining data/cpprest-2.10.16/Release/src/http/client/x509_cert_utilities.cpp
Examining data/cpprest-2.10.16/Release/src/http/common/connection_pool_helpers.h
Examining data/cpprest-2.10.16/Release/src/http/common/http_compression.cpp
Examining data/cpprest-2.10.16/Release/src/http/common/http_helpers.cpp
Examining data/cpprest-2.10.16/Release/src/http/common/http_msg.cpp
Examining data/cpprest-2.10.16/Release/src/http/common/internal_http_helpers.h
Examining data/cpprest-2.10.16/Release/src/http/common/x509_cert_utilities.h
Examining data/cpprest-2.10.16/Release/src/http/listener/http_listener.cpp
Examining data/cpprest-2.10.16/Release/src/http/listener/http_listener_msg.cpp
Examining data/cpprest-2.10.16/Release/src/http/listener/http_server_api.cpp
Examining data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp
Examining data/cpprest-2.10.16/Release/src/http/listener/http_server_httpsys.cpp
Examining data/cpprest-2.10.16/Release/src/http/listener/http_server_httpsys.h
Examining data/cpprest-2.10.16/Release/src/http/listener/http_server_impl.h
Examining data/cpprest-2.10.16/Release/src/http/oauth/oauth1.cpp
Examining data/cpprest-2.10.16/Release/src/http/oauth/oauth2.cpp
Examining data/cpprest-2.10.16/Release/src/json/json.cpp
Examining data/cpprest-2.10.16/Release/src/json/json_parsing.cpp
Examining data/cpprest-2.10.16/Release/src/json/json_serialization.cpp
Examining data/cpprest-2.10.16/Release/src/pch/stdafx.cpp
Examining data/cpprest-2.10.16/Release/src/pch/stdafx.h
Examining data/cpprest-2.10.16/Release/src/pplx/pplx.cpp
Examining data/cpprest-2.10.16/Release/src/pplx/pplxapple.cpp
Examining data/cpprest-2.10.16/Release/src/pplx/pplxlinux.cpp
Examining data/cpprest-2.10.16/Release/src/pplx/pplxwin.cpp
Examining data/cpprest-2.10.16/Release/src/pplx/threadpool.cpp
Examining data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp
Examining data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp
Examining data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp
Examining data/cpprest-2.10.16/Release/src/uri/uri.cpp
Examining data/cpprest-2.10.16/Release/src/uri/uri_builder.cpp
Examining data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp
Examining data/cpprest-2.10.16/Release/src/utilities/base64.cpp
Examining data/cpprest-2.10.16/Release/src/utilities/web_utilities.cpp
Examining data/cpprest-2.10.16/Release/src/websockets/client/ws_client.cpp
Examining data/cpprest-2.10.16/Release/src/websockets/client/ws_client_impl.h
Examining data/cpprest-2.10.16/Release/src/websockets/client/ws_client_winrt.cpp
Examining data/cpprest-2.10.16/Release/src/websockets/client/ws_client_wspp.cpp
Examining data/cpprest-2.10.16/Release/src/websockets/client/ws_msg.cpp
Examining data/cpprest-2.10.16/Release/tests/common/TestRunner/test_module_loader.cpp
Examining data/cpprest-2.10.16/Release/tests/common/TestRunner/test_module_loader.h
Examining data/cpprest-2.10.16/Release/tests/common/TestRunner/test_runner.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/config.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/AssertException.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/AssertException.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/CheckMacros.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/CompositeTestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/CompositeTestReporter.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/CurrentTest.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/CurrentTest.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/DeferredTestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/DeferredTestReporter.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/DeferredTestResult.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/DeferredTestResult.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/ExceptionMacros.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/ExecuteTest.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/GlobalSettings.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/GlobalSettings.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/HelperMacros.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Posix/SignalTranslator.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Posix/SignalTranslator.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Posix/TimeHelpers.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Posix/TimeHelpers.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/ReportAssert.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/ReportAssert.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/ReportAssertImpl.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Test.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Test.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestDetails.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestDetails.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestList.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestList.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestMacros.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestProperties.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestReporter.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestReporterStdout.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestReporterStdout.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestResults.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestResults.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestRunner.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestRunner.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestSuite.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TimeHelpers.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Win32/TimeHelpers.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Win32/TimeHelpers.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/XmlTestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/XmlTestReporter.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/ScopedCurrentTest.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestAssertHandler.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestCheckMacros.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestChecks.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestCompositeTestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestCurrentTest.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestDeferredTestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestMemoryOutStream.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestTest.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestTestList.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestTestMacros.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestTestResults.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestTestRunner.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestTestSuite.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestUnitTestPP.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestXmlTestReporter.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/common/UnitTestpp/unittestpp.h
Examining data/cpprest-2.10.16/Release/tests/common/utilities/include/common_utilities_public.h
Examining data/cpprest-2.10.16/Release/tests/common/utilities/include/locale_guard.h
Examining data/cpprest-2.10.16/Release/tests/common/utilities/include/os_utilities.h
Examining data/cpprest-2.10.16/Release/tests/common/utilities/os_utilities.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/building_request_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/client_construction.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/connection_pool_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/header_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/http_client_fuzz_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/http_client_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/http_client_tests.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/http_methods_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/multiple_requests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/oauth1_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/oauth2_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/outside_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/pipeline_stage_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/progress_handler_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/proxy_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/request_helper_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/request_uri_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/response_extract_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/status_code_reason_phrase_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/timeout_handler.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/to_string_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/authentication_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/connections_and_errors.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/client/redirect_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/building_response_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/header_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/http_listener_tests.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/reply_helper_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/request_stream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/status_code_reason_phrase_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/listener/to_string_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/http_asserts.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/http_asserts.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/http_test_utilities.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/http_test_utilities_public.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/test_http_client.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/test_http_server.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/test_server_utilities.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_client.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_server.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_server_utilities.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/construction_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/fuzz_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/iterator_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/json_numbers_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/negative_parsing_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/parsing_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/json/to_as_and_operators_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/misc/atl_headers/Resource.h
Examining data/cpprest-2.10.16/Release/tests/functional/misc/atl_headers/header_test1.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/misc/atl_headers/header_test2.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/pplx/pplx_test/pplx_op_test.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/pplx/pplx_test/pplx_task_options.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/pplx/pplx_test/pplxtask_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/pplx/pplx_test/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/pplx/pplx_test/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/streams/CppSparseFile.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/CppSparseFile.h
Examining data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/fuzz_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/prefix.h
Examining data/cpprest-2.10.16/Release/tests/functional/streams/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/streams_tests.h
Examining data/cpprest-2.10.16/Release/tests/functional/streams/winrt_interop_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/accessor_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/combining_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/constructor_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/conversions_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/diagnostic_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/encoding_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/operator_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/resolve_uri_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/splitting_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/uri/uri_builder_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/uri/uri_tests.h
Examining data/cpprest-2.10.16/Release/tests/functional/utils/base64.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/utils/datetime.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/utils/macro_test.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/utils/nonce_generator_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/utils/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/utils/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/utils/strings.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/utils/utils_tests.h
Examining data/cpprest-2.10.16/Release/tests/functional/utils/win32_encryption_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/client_construction.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/close_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/error_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/proxy_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/receive_msg_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/websocket_client_tests.h
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/client/authentication_tests.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/utilities/stdafx.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/utilities/stdafx.h
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/utilities/test_websocket_server.cpp
Examining data/cpprest-2.10.16/Release/tests/functional/websockets/utilities/test_websocket_server.h
FINAL RESULTS:
data/cpprest-2.10.16/Release/samples/CasaLens/casalens.cpp:141:9: [4] (format) wprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
wprintf(U("Usage: casalens.exe port\n"));
data/cpprest-2.10.16/Release/samples/Oauth1Client/Oauth1Client.cpp:69:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(browser_cmd.c_str());
data/cpprest-2.10.16/Release/samples/Oauth1Client/Oauth1Client.cpp:73:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(browser_cmd.c_str());
data/cpprest-2.10.16/Release/samples/Oauth2Client/Oauth2Client.cpp:72:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(browser_cmd.c_str());
data/cpprest-2.10.16/Release/samples/Oauth2Client/Oauth2Client.cpp:76:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)system(browser_cmd.c_str());
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:188:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code error;
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:193:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code cancel()
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:196:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code error;
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:210:55: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
bool was_reused_and_closed_by_server(const boost::system::error_code& ec) const
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:236:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (boost::system::error_code(ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:336:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code error_ignored;
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:433:69: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
self.m_pool_epoch_timer.async_wait([weak_pool](const boost::system::error_code& ec) {
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:595:42: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_resolve(const boost::system::error_code& ec, tcp::resolver::iterator endpoints)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:613:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_tcp_connect(const boost::system::error_code& ec, tcp::resolver::iterator endpoints)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:653:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_write_request(const boost::system::error_code& err)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:671:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_status_line(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:968:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec,
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:985:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (ec == boost::system::errc::broken_pipe)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:991:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (ec == boost::system::errc::connection_refused)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:998:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::errc::no_such_file_or_directory) // bug in boost error_code mapping
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1009:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_connect(const boost::system::error_code& ec, tcp::resolver::iterator endpoints)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1017:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (ec.value() == boost::system::errc::operation_canceled ||
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1048:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_resolve(const boost::system::error_code& ec, tcp::resolver::iterator endpoints)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1100:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_handshake(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1141:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_write_headers(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1160:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_write_chunked_body(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1223:47: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_write_large_body(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1276:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_write_body(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1307:42: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_status_line(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1351:54: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_failed_read_status_line(const boost::system::error_code& ec, const char* generic_error_message)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1528:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_chunk_header(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1547:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code(),
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1607:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_chunk(const boost::system::error_code& ec, int to_read)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1717:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_read_content(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1875:88: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
m_timer.async_wait([ctx AND_CAPTURE_MEMBER_FUNCTION_POINTERS](const boost::system::error_code& ec) {
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1889:92: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
m_timer.async_wait([ctx AND_CAPTURE_MEMBER_FUNCTION_POINTERS](const boost::system::error_code& ec) {
data/cpprest-2.10.16/Release/src/http/client/http_client_asio.cpp:1905:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static void handle_timeout(const boost::system::error_code& ec, const std::weak_ptr<asio_context>& ctx)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:196:87: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void on_accept(std::unique_ptr<boost::asio::ip::tcp::socket> socket, const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:309:74: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:393:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[this](const boost::system::error_code&) { (will_deref_and_erase_t) this->start_request_response(); });
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:414:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_and_erase_t handle_http_line(const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:416:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_t handle_body(const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:417:53: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_t handle_chunked_header(const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:418:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_t handle_chunked_body(const boost::system::error_code& ec, int toWrite);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:472:95: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_and_erase_t handle_headers_written(const http_response& response, const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:474:69: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:476:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:477:96: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_and_erase_t handle_response_written(const http_response& response, const boost::system::error_code& ec);
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:537:67: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
m_acceptor->async_accept(*socket, [this, socket](const boost::system::error_code& ec) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:550:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code ec;
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:567:73: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
*m_ssl_stream, m_request_buf, CRLFCRLF, [this](const boost::system::error_code& ec, std::size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:576:59: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[this](const boost::system::error_code& ec, std::size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:583:89: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void hostport_listener::on_accept(std::unique_ptr<ip::tcp::socket> socket, const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:597:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code error_ignored;
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:612:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
catch (boost::system::system_error&)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:626:77: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
m_acceptor->async_accept(*newSocket, [this, newSocket](const boost::system::error_code& ec) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:634:78: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_and_erase_t asio_server_connection::handle_http_line(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:750:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code socket_ec;
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:836:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[this](const boost::system::error_code& ec, size_t) { (will_deref_t) this->handle_body(ec); });
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:842:73: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_t asio_server_connection::handle_chunked_header(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:865:75: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
async_read_until_buffersize(len + 2, [this, len](const boost::system::error_code& ec, size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:873:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_t asio_server_connection::handle_chunked_body(const boost::system::error_code& ec, int toWrite)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:903:63: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
will_deref_t asio_server_connection::handle_body(const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:934:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[this](const boost::system::error_code& ec, size_t) { (will_deref_t) this->handle_body(ec); });
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:950:82: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::asio::async_write(*m_ssl_stream, m_response_buf, [=](const boost::system::error_code& ec, std::size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:956:78: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::asio::async_write(*m_socket, m_response_buf, [=](const boost::system::error_code& ec, std::size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:968:69: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
*m_ssl_stream, m_request_buf, CRLF, [this](const boost::system::error_code& ec, size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:975:65: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
*m_socket, m_request_buf, CRLF, [this](const boost::system::error_code& ec, size_t) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:1122:91: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:1161:89: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:1189:84: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:1206:85: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const boost::system::error_code& ec)
data/cpprest-2.10.16/Release/src/json/json_serialization.cpp:166:24: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
numChars = snprintf(tempBuffer, tempSize, "%" PRId64, m_number.m_intval);
data/cpprest-2.10.16/Release/src/json/json_serialization.cpp:168:24: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
numChars = snprintf(tempBuffer, tempSize, "%" PRIu64, m_number.m_uintval);
data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp:793:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(outCursor,
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/DeferredTestResult.cpp:50:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
std::strcpy(failureStr, failureStr_);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp:68:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(txt, format, value);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp:97:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(m_buffer, txt);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp:175:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, m_buffer);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/TestReporterStdout.cpp:65:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stdout, format, args);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:74:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastStartedSuite, test.suiteName);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:75:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastStartedTest, test.testName);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:83:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastFailedFile, test.filename);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:85:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastFailedSuite, test.suiteName);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:86:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastFailedTest, test.testName);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:87:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastFailedMessage, failure);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:95:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastFinishedSuite, test.suiteName);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:96:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastFinishedTest, test.testName);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestDeferredTestReporter.cpp:136:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(failureMessage, goodStr);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestDeferredTestReporter.cpp:138:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(failureMessage, badStr);
data/cpprest-2.10.16/Release/samples/BingRequest/bingrequest.cpp:38:43: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (const char* env_http_proxy = std::getenv("http_proxy"))
data/cpprest-2.10.16/Release/src/pplx/pplxwin.cpp:55:6: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
void InitializeCriticalSection(LPCRITICAL_SECTION _cs)
data/cpprest-2.10.16/Release/src/pplx/pplxwin.cpp:61:11: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
::InitializeCriticalSection(_cs);
data/cpprest-2.10.16/Release/src/pplx/pplxwin.cpp:116:15: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
platform::InitializeCriticalSection(reinterpret_cast<LPCRITICAL_SECTION>(&_M_impl));
data/cpprest-2.10.16/Release/src/pplx/pplxwin.cpp:124:47: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
_PPLXIMP void critical_section_impl::lock() { EnterCriticalSection(reinterpret_cast<LPCRITICAL_SECTION>(&_M_impl)); }
data/cpprest-2.10.16/Release/tests/common/TestRunner/test_runner.cpp:518:24: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HMODULE hComBase = LoadLibrary(L"combase.dll");
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:720:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inFile.setstate(std::ios::failbit);
data/cpprest-2.10.16/Release/include/cpprest/details/SafeInt3.hpp:155:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define C_ASSERT(e) typedef char __C_ASSERT__[(e) ? 1 : -1]
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:542:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:586:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy((void*)ptr, this->m_info->m_buffer + bufoff * sizeof(_CharType), copy * sizeof(_CharType));
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:714:68: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
static pplx::task<std::shared_ptr<basic_streambuf<_CharType>>> open(
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:731:68: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
static pplx::task<std::shared_ptr<basic_streambuf<_CharType>>> open(
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:957:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
static pplx::task<streambuf<_CharType>> open(const utility::string_t& file_name,
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:966:59: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto bfb = details::basic_file_buffer<_CharType>::open(file_name, mode, prot);
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:981:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
static pplx::task<streambuf<_CharType>> open(::Windows::Storage::StorageFile ^ file,
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:984:59: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto bfb = details::basic_file_buffer<_CharType>::open(file, mode);
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:1022:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file_name, mode, prot)
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:1047:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file_name, mode, prot)
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:1064:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file, mode)
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:1082:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file, mode)
data/cpprest-2.10.16/Release/include/cpprest/http_listener.h:175:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_ASYNCRTIMP pplx::task<void> open();
data/cpprest-2.10.16/Release/include/cpprest/http_listener.h:267:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open() { return m_impl->open(); }
data/cpprest-2.10.16/Release/include/cpprest/http_listener.h:267:46: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open() { return m_impl->open(); }
data/cpprest-2.10.16/Release/samples/BingRequest/bingrequest.cpp:67:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_buffer<uint8_t>::open(outputFileName, std::ios::out)
data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/BlackJack_Server.cpp:25:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open() { return m_listener.open(); }
data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/BlackJack_Server.cpp:25:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open() { return m_listener.open(); }
data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/BlackJack_Server.cpp:48:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g_httpDealer->open().wait();
data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/Dealer.cpp:32:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open() { return m_listener.open(); }
data/cpprest-2.10.16/Release/samples/BlackJack/BlackJack_Server/Dealer.cpp:32:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open() { return m_listener.open(); }
data/cpprest-2.10.16/Release/samples/CasaLens/casalens.cpp:73:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> CasaLens::open()
data/cpprest-2.10.16/Release/samples/CasaLens/casalens.cpp:75:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return m_listener.open().then([](pplx::task<void> t) { handle_error(t); });
data/cpprest-2.10.16/Release/samples/CasaLens/casalens.cpp:149:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/samples/CasaLens/casalens.h:65:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> open();
data/cpprest-2.10.16/Release/samples/Oauth1Client/Oauth1Client.cpp:117:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_listener->open().wait();
data/cpprest-2.10.16/Release/samples/Oauth2Client/Oauth2Client.cpp:120:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_listener->open().wait();
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:791:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned long open()
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:965:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned long error = open();
data/cpprest-2.10.16/Release/src/http/common/http_helpers.cpp:87:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[9];
data/cpprest-2.10.16/Release/src/http/common/http_helpers.cpp:93:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[0], buffer, 8);
data/cpprest-2.10.16/Release/src/http/listener/http_listener.cpp:68:47: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pplx::task<void> details::http_listener_impl::open()
data/cpprest-2.10.16/Release/src/http/listener/http_server_asio.cpp:530:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_acceptor->open(endpoint.protocol());
data/cpprest-2.10.16/Release/src/http/oauth/oauth1.cpp:139:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE];
data/cpprest-2.10.16/Release/src/json/json_parsing.cpp:818:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(const_cast<CharType*>(token.string_val.c_str() + prevSize), start, numChars * sizeof(CharType));
data/cpprest-2.10.16/Release/src/json/json_parsing.cpp:839:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(const_cast<CharType*>(token.string_val.c_str() + prevSize), start, numChars * sizeof(CharType));
data/cpprest-2.10.16/Release/src/json/json_serialization.cpp:153:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuffer[tempSize];
data/cpprest-2.10.16/Release/src/json/json_serialization.cpp:177:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuffer[tempSize];
data/cpprest-2.10.16/Release/src/json/json_serialization.cpp:217:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tempBuffer[tempSize];
data/cpprest-2.10.16/Release/src/json/json_serialization.cpp:231:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tempBuffer[tempSize];
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:166:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int f = open(name.c_str(), cmode, 0666);
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:407:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (bufrem > 0) memcpy(newbuf, fInfo->m_buffer + bufpos * charSize, bufrem * charSize);
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:461:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, fInfo->m_buffer + bufoff * charSize, copy);
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:472:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, fInfo->m_buffer + bufoff * charSize, copy);
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:696:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (bufrem > 0) memcpy(newbuf, fInfo->m_buffer + bufpos * char_size, bufrem * char_size);
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:778:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, fInfo->m_buffer + bufoff * char_size, copy);
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:790:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, fInfo->m_buffer + bufoff * char_size, copy);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:425:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (bufrem > 0) memcpy(newbuf, fInfo->m_buffer + bufpos * char_size, bufrem * char_size);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:504:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, fInfo->m_buffer + bufoff * char_size, copy);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:516:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, fInfo->m_buffer + bufoff * char_size, copy);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:908:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_data, ptr, count);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:977:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buffer_data, size);
data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outBuffer[38]; // Thu, 01 Jan 1970 00:00:00 GMT\0
data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp:804:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outCursor, " GMT", 4);
data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp:819:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(
data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp:830:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
size_t appended = sprintf(outCursor, ".%07d", fracSec);
data/cpprest-2.10.16/Release/src/utilities/asyncrt_utils.cpp:871:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char max_days_in_month[12] = {
data/cpprest-2.10.16/Release/src/utilities/base64.cpp:137:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char target[3];
data/cpprest-2.10.16/Release/src/utilities/base64.cpp:166:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char target[3];
data/cpprest-2.10.16/Release/tests/common/TestRunner/test_runner.cpp:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exe_directory_buffer[MAX_PATH];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/DeferredTestResult.h:51:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char failureStr[1024];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[32];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastStartedSuite[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastStartedTest[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastFailedFile[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastFailedSuite[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastFailedTest[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastFailedMessage[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastFinishedSuite[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/RecordingReporter.h:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lastFinishedTest[kMaxStringLength];
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestChecks.cpp:152:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&nan, &bitpattern, sizeof(bitpattern));
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestChecks.cpp:163:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&nan, &bitpattern, sizeof(bitpattern));
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/tests/TestDeferredTestReporter.cpp:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char failureMessage[128];
data/cpprest-2.10.16/Release/tests/functional/http/client/authentication_tests.cpp:452:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[0], "raw data", rawDataSize);
data/cpprest-2.10.16/Release/tests/functional/http/client/authentication_tests.cpp:502:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[0], "raw data", rawDataSize);
data/cpprest-2.10.16/Release/tests/functional/http/client/building_request_tests.cpp:102:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&vector_body[0], &str_body[0], str_body.size() * sizeof(utility::char_t));
data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp:79:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, input, bytes);
data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp:134:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, input, bytes);
data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp:801:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp:1210:49: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmp.data() + skip, v.data(), v.size());
data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp:1248:49: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmp.data() + web::http::details::chunked_encoding::data_offset -
data/cpprest-2.10.16/Release/tests/functional/http/client/compression_tests.cpp:1268:49: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmp.data() + total + 3, trailer.data(), trailer.size());
data/cpprest-2.10.16/Release/tests/functional/http/client/connections_and_errors.cpp:210:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/connections_and_errors.cpp:239:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/connections_and_errors.cpp:283:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/connections_and_errors.cpp:374:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:52:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(name, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:57:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:347:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5] = {'1', '2', '3', '4', '5'};
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:366:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5] = {'1', '2', '3', '4', '5'};
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:393:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5] = {'1', '2', '3', '4', '5'};
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:420:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[5] = {'1', '2', '3', '4', '5'};
data/cpprest-2.10.16/Release/tests/functional/http/client/response_extract_tests.cpp:324:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:44:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(name, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:49:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:93:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:122:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufStr[31];
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:124:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bufStr[0], &(buf.collection())[0], 30);
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:157:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:305:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:336:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:368:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:406:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/client/response_stream_tests.cpp:450:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/building_response_tests.cpp:39:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/building_response_tests.cpp:68:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/building_response_tests.cpp:92:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/building_response_tests.cpp:125:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:45:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:88:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:103:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:130:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:160:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:187:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:213:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:236:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_THROWS(listener.open().wait(), http_exception);
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:243:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_THROWS(listener.open().wait(), http_exception);
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:249:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:270:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:312:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:402:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/header_tests.cpp:36:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/header_tests.cpp:118:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/header_tests.cpp:143:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:40:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_THROWS(listener.open().wait(), std::invalid_argument);
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:46:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:82:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:132:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener1.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:135:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener2.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:138:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener3.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:196:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:230:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:275:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:331:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:375:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:385:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:549:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/reply_helper_tests.cpp:38:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/reply_helper_tests.cpp:58:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp:40:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp:63:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp:85:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp:111:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp:135:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_extract_tests.cpp:160:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:38:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:104:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:138:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:169:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:214:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:232:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener1.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:233:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener2.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:234:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener3.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:296:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener1.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:297:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener2.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:337:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:380:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:386:41: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_ARE_EQUAL(0, client->open());
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:417:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:488:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_handler_tests.cpp:521:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:37:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:39:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_ARE_EQUAL(0, client.open());
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:60:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:62:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_ARE_EQUAL(0, client.open());
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:83:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:85:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_ARE_EQUAL(0, client.open());
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:106:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_relative_uri_tests.cpp:125:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_stream_tests.cpp:39:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/request_stream_tests.cpp:75:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp:39:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp:82:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp:144:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp:173:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp:215:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/requests_tests.cpp:264:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:54:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:91:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:128:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:168:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:202:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:248:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:253:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ptr[4 * 1024] = {'a', 'b', 'c'};
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:285:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/response_stream_tests.cpp:290:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ptr[4 * 1024];
data/cpprest-2.10.16/Release/tests/functional/http/listener/status_code_reason_phrase_tests.cpp:36:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/status_code_reason_phrase_tests.cpp:62:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/listener/to_string_tests.cpp:47:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/test_http_client.h:95:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
TEST_UTILITY_API unsigned long open();
data/cpprest-2.10.16/Release/tests/functional/http/utilities/include/test_http_client.h:128:46: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_ARE_EQUAL(0u, m_p_client->open());
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_client.cpp:76:28: [2] (integer) _wtoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
code = (unsigned short)_wtoi(buffer.c_str());
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_client.cpp:140:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned long open()
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_client.cpp:396:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned long open() { return 0; }
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_client.cpp:486:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned long test_http_client::open() { return m_impl->open(); }
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_client.cpp:486:57: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned long test_http_client::open() { return m_impl->open(); }
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_server.cpp:279:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[buffer_length];
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_server.cpp:318:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_server.cpp:331:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p_test_request->m_body[content_length - bytes_received], buf, bytes_received);
data/cpprest-2.10.16/Release/tests/functional/http/utilities/test_http_server.cpp:525:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_listener.open().wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:63:58: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return concurrency::streams::file_buffer<_CharType>::open(name, mode, _Prot);
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:74:66: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return concurrency::streams::file_buffer<_CharType>::open(file, mode);
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:82:66: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return concurrency::streams::file_buffer<_CharType>::open(file, mode);
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:127:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:129:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:146:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_NULL(is.rdbuf()->open(fname.c_str(), std::ios::in));
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:157:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_NULL(is.rdbuf()->open(fname.c_str(), std::ios::in | std::ios_base::binary));
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:163:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:165:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:186:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:188:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:210:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:212:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:234:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:236:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:259:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:261:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:358:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[10];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:480:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[10];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:634:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:685:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[10];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:736:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:822:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:836:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readdata[256];
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:855:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readdata[256];
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:111:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(name, std::ios_base::in, _Prot);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:116:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:209:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:744:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:770:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:796:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1511:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetBuf[size];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:815:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[26];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:840:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:858:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:940:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1350:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[count];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1401:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[count];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1426:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[count];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1442:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1470:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1576:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1609:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1633:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1672:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1674:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1713:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1802:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1995:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2038:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2059:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2093:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[128], buf2[128];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2207:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2216:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2241:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2251:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2342:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[2];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2354:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[4];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2363:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[2];
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2424:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[size];
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:76:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto basic_stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:90:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto cls = open.then([](pplx::task<concurrency::streams::ostream> op) -> pplx::task<void> {
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:106:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:108:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:128:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:130:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:155:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:157:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:243:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:244:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:261:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
auto stream = open.get();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:263:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
VERIFY_IS_TRUE(open.is_done());
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:320:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char targetBuf[size];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:71:58: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return Concurrency::streams::file_buffer<_CharType>::open(name, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:76:58: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return Concurrency::streams::file_buffer<_CharType>::open(file, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:144:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:157:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:173:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:189:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:204:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:219:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:235:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:320:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[1024];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:359:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[1024];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:398:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:427:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:458:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:484:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:515:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:542:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:568:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:704:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inFile.open("stdio_istream_error.txt");
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:718:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inFile.open("stdio_istream_setstate.txt");
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:733:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inFile.open("stdio_istream_close.txt");
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:764:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuf[tempBufSize];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:775:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuf[tempBufSize];
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:784:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tgt_buffer[5];
data/cpprest-2.10.16/Release/tests/functional/utils/strings.cpp:304:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[256] = {0};
data/cpprest-2.10.16/Release/tests/functional/websockets/client/receive_msg_tests.cpp:122:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body[0], "a\0b\0c\0", 6);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:59:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(name, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:65:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return streams::file_buffer<_CharType>::open(file, std::ios_base::in);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:208:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body[0], "abcdefghijklmnopqrstuvwxyz", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:225:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body[0], "a\0b\0c\0", 6);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:284:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body1[0], "abcdefghijklmnopqrstuvwxyz", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:286:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body2[0], "zyxwvutsrqponmlkjihgfedcba", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:307:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body1[0], "abcdefghijklmnopqrstuvwxyz", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:328:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body[0], "abcdefghijklmnopqrstuvwxyz", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:359:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body[0], "abcdefghijklmnopqrstuvwxyz", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:385:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body[0], "abcdefghijklmnopqrstuvwxyz", 26);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:408:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body1[0], "a\0b\0c\0", 6);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:410:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body2[0], "a\0b\0c\0", 6);
data/cpprest-2.10.16/Release/tests/functional/websockets/client/send_msg_tests.cpp:431:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&body2[0], "a\0b\0c\0", 6);
data/cpprest-2.10.16/Release/include/cpprest/astreambuf.h:244:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual pplx::task<int_type> getc() = 0;
data/cpprest-2.10.16/Release/include/cpprest/astreambuf.h:532:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual pplx::task<int_type> getc()
data/cpprest-2.10.16/Release/include/cpprest/astreambuf.h:1073:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual pplx::task<int_type> getc() { return get_base()->getc(); }
data/cpprest-2.10.16/Release/include/cpprest/astreambuf.h:1073:62: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual pplx::task<int_type> getc() { return get_base()->getc(); }
data/cpprest-2.10.16/Release/include/cpprest/containerstream.h:207:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return pplx::task_from_result(this->read(ptr, count));
data/cpprest-2.10.16/Release/include/cpprest/containerstream.h:210:89: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t _sgetn(_Out_writes_(count) _CharType* ptr, _In_ size_t count) { return this->read(ptr, count); }
data/cpprest-2.10.16/Release/include/cpprest/containerstream.h:214:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return this->read(ptr, count, false);
data/cpprest-2.10.16/Release/include/cpprest/containerstream.h:235:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return this->getc();
data/cpprest-2.10.16/Release/include/cpprest/containerstream.h:381:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto read_size = this->read(&value, 1, advance);
data/cpprest-2.10.16/Release/include/cpprest/containerstream.h:390:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read(_Out_writes_(count) _CharType* ptr, _In_ size_t count, bool advance = true)
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:555:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != 0 && read != size_t(-1))
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:555:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != 0 && read != size_t(-1))
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:559:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_info->m_rdpos += read / sizeof(_CharType);
data/cpprest-2.10.16/Release/include/cpprest/filestream.h:560:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return pplx::task_from_result<size_t>(read / sizeof(_CharType));
data/cpprest-2.10.16/Release/include/cpprest/interopstream.h:277:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return m_buffer.getc().get();
data/cpprest-2.10.16/Release/include/cpprest/json.h:1587:21: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return std::equal(std::begin(m_object), std::end(m_object), std::begin(other->m_object));
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:267:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tce.set(this->read(ptr, count));
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:275:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return can_satisfy(count) ? this->read(ptr, count) : (size_t)traits::requires_async();
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:281:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return can_satisfy(count) ? this->read(ptr, count, false) : (size_t)traits::requires_async();
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:434:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read(_Out_writes_(count) _CharType* dest, _In_ size_t count, bool advance = true)
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:534:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto read_size = this->read(&value, 1, advance);
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:544:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read(_Out_writes_(count) _CharType* ptr, _In_ size_t count, bool advance = true)
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:553:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto read_from_block = block->read(ptr + read, count - read, advance);
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:553:54: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto read_from_block = block->read(ptr + read, count - read, advance);
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:553:68: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto read_from_block = block->read(ptr + read, count - read, advance);
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:557:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_ASSERTE(count >= read);
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:563:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
update_read_head(read);
data/cpprest-2.10.16/Release/include/cpprest/producerconsumerstream.h:566:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h:245:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return pplx::task_from_result(this->read(ptr, count));
data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h:248:89: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t _sgetn(_Out_writes_(count) _CharType* ptr, _In_ size_t count) { return this->read(ptr, count); }
data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h:252:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return this->read(ptr, count, false);
data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h:275:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return this->getc();
data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h:421:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto read_size = this->read(&value, 1, advance);
data/cpprest-2.10.16/Release/include/cpprest/rawptrstream.h:430:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read(_Out_writes_(count) _CharType* ptr, _In_ size_t count, bool advance = true)
data/cpprest-2.10.16/Release/include/cpprest/streams.h:643:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pplx::task<int_type> read() const
data/cpprest-2.10.16/Release/include/cpprest/streams.h:665:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pplx::task<T> read() const
data/cpprest-2.10.16/Release/include/cpprest/streams.h:686:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pplx::task<size_t> read(streams::streambuf<CharType> target, size_t count) const
data/cpprest-2.10.16/Release/include/cpprest/streams.h:752:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return helper()->m_buffer.getc();
data/cpprest-2.10.16/Release/include/cpprest/streams.h:907:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return buffer.getc().then(update_after_cr);
data/cpprest-2.10.16/Release/include/cpprest/streams.h:1125:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return buffer.getc().then(update);
data/cpprest-2.10.16/Release/include/cpprest/streams.h:1155:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto get_op = buf.getc();
data/cpprest-2.10.16/Release/include/cpprest/streams.h:1161:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
get_op = buf.getc();
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:594:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
std::equal(encodedFirst, encodedLast, m_cachedEncodedCert.begin()))
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:1736:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read;
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:1746:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_ASSERTE(read != static_cast<size_t>(-1));
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:1755:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
p_request_context->m_remaining_to_write -= read;
data/cpprest-2.10.16/Release/src/http/client/http_client_winhttp.cpp:1765:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static_cast<DWORD>(read),
data/cpprest-2.10.16/Release/src/http/listener/http_server_httpsys.cpp:1034:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_response.body().read(buf, next_chunk_size).then([this](pplx::task<size_t> op) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_httpsys.cpp:1079:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_response.body().read(buf, next_chunk_size).then([this, body_data_length](pplx::task<size_t> op) {
data/cpprest-2.10.16/Release/src/http/listener/http_server_httpsys.cpp:1153:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_response.body().read(buf, next_chunk_size).then([this, body_data_length](pplx::task<size_t> op) {
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:458:63: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto cb = create_callback(fInfo, callback, [=](size_t read) {
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:459:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (std::min)(read, byteCount);
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:468:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (static_cast<int>(read) > 0)
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:470:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (std::min)(read, byteCount);
data/cpprest-2.10.16/Release/src/streams/fileio_posix.cpp:477:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:505:75: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = GetOverlappedResult(fInfo->m_handle, pOverlapped.get(), &read, FALSE) ? static_cast<size_t>(read)
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:505:110: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = GetOverlappedResult(fInfo->m_handle, pOverlapped.get(), &read, FALSE) ? static_cast<size_t>(read)
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:613:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read)
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:617:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:622:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:628:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cb->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:665:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read)
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:669:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:674:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:680:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cb->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:716:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read)
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:720:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:725:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:731:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cb->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:774:53: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto cb = create_callback(fInfo, [=](size_t read) {
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:776:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:776:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:785:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0)
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:788:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:788:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_win32.cpp:795:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:278:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0)
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:280:109: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reader->ReadBytes(Platform::ArrayReference<unsigned char>(static_cast<unsigned char*>(ptr), read));
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:283:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
callback->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:343:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read)
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:347:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:352:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:358:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cb->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:394:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read)
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:398:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:403:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:409:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cb->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:447:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read)
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:451:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:456:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:462:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cb->on_completed(read);
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:500:53: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto cb = create_callback(fInfo, [=](size_t read) {
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:502:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:502:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:511:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0)
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:514:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:514:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto copy = (read < sz) ? read : sz;
data/cpprest-2.10.16/Release/src/streams/fileio_winrt.cpp:521:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (size_t)read;
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:280:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= (expected[i] == actual[i]);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:282:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal)
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:307:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= AreClose(expected[i], actual[i], tolerance);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:308:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:321:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal)
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:349:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= ArrayAreClose(expected[i], actual[i], columns, tolerance);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Checks.h:351:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal)
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp:88:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int const bytesLeft = m_capacity - (int)strlen(m_buffer);
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/MemoryOutStream.cpp:89:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int const bytesRequired = (int)strlen(txt) + 1;
data/cpprest-2.10.16/Release/tests/common/UnitTestpp/src/Posix/TimeHelpers.cpp:57:37: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
void TimeHelpers::SleepMs(int ms) { usleep(ms * 1000); }
data/cpprest-2.10.16/Release/tests/common/utilities/os_utilities.cpp:34:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(ms * 1000);
data/cpprest-2.10.16/Release/tests/functional/http/client/oauth1_tests.cpp:264:33: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
VERIFY_IS_TRUE(std::equal(suffix.rbegin(), suffix.rend(), header_authorization.rbegin()));
data/cpprest-2.10.16/Release/tests/functional/http/client/oauth1_tests.cpp:295:33: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
VERIFY_IS_TRUE(std::equal(suffix.rbegin(), suffix.rend(), header_authorization.rbegin()));
data/cpprest-2.10.16/Release/tests/functional/http/client/outside_tests.cpp:164:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(response.body().read(temp, 70).get(), 70);
data/cpprest-2.10.16/Release/tests/functional/http/client/request_stream_tests.cpp:75:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/http/listener/connections_and_errors.cpp:396:69: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const int e2 = verify_http_exception([=]() { req.body().read().wait(); });
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:523:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
boost::asio::const_buffer cert(self_signed_cert, std::strlen(self_signed_cert));
data/cpprest-2.10.16/Release/tests/functional/http/listener/listener_construction_tests.cpp:524:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
boost::asio::const_buffer key(private_key, std::strlen(private_key));
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:331:40: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
t.push_back(istreamBuf.getc().then([i, this](char c) { VERIFY_ARE_EQUAL(i % 26 + 'a', c); }));
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:530:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t ch0 = (uint8_t)stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:531:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t ch1 = (uint8_t)stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:551:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t ch0 = (uint8_t)stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:571:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wchar_t ch0 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:572:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wchar_t ch1 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:579:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch0 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:580:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:601:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wchar_t ch0 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:602:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wchar_t ch1 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:609:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch0 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:610:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:639:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(sizeof(buf), read.get());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:656:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(sizeof(buf), read.get());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:690:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(10u, read.get());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:707:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(10u, read.get());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:741:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(sizeof(buf), read.get());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:761:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(sizeof(buf), read.get());
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:798:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.getc().wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:802:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.getc().wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:806:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.getc().wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:824:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(streambuf.getc().get(), MyException);
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:863:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
istream.read(block, 50).get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:869:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
istream.read(block, 256).get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:904:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(inFile.read(buffer, 1).get(), 0);
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:936:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int aCharacter = file_buf.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:998:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int aCharacter = file_buf._stream.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:1026:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file_buf2.create_istream().read(file_buf1, 1).wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:1030:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file_buf1.create_istream().read(data_buf, 2).wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:1046:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
is.read(stream.streambuf(), 1).wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fstreambuf_tests.cpp:1049:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
is.read(stream.streambuf(), 1).wait();
data/cpprest-2.10.16/Release/tests/functional/streams/fuzz_tests.cpp:52:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ifs.read().get() != 0xEF || ifs.read().get() != 0xBB || ifs.read().get() != 0xBF)
data/cpprest-2.10.16/Release/tests/functional/streams/fuzz_tests.cpp:52:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ifs.read().get() != 0xEF || ifs.read().get() != 0xBB || ifs.read().get() != 0xBF)
data/cpprest-2.10.16/Release/tests/functional/streams/fuzz_tests.cpp:52:73: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ifs.read().get() != 0xEF || ifs.read().get() != 0xBB || ifs.read().get() != 0xBF)
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:137:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char ch = (char)stream.read().get();
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:155:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char ch = (char)stream.read().get();
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:171:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(stream.read().get(), std::runtime_error);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:187:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(26u, stream.read(tbuf, 26).get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:196:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(0u, stream.read(tbuf, 26).get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:212:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(26u, stream.read(tbuf, 26).get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:219:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(0u, stream.read(tbuf, 26).get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:230:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:240:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(52u, stream.read(tbuf, sizeof(buffer)).get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:261:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:272:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(stream.read(tbuf, sizeof(buffer)).get(), std::runtime_error);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:284:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:344:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:365:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:376:42: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:400:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('a', (char)stream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:421:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:428:42: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:449:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:469:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:480:42: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:504:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('a', (char)stream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:528:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('a', (char)stream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:549:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:582:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:589:42: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:612:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:639:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:692:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (c = stream.read().get(), !stream.is_eof())
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:719:76: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pplx::details::_do_while([=]() -> pplx::task<bool> { return stream.read().then(lambda1); }).wait();
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:735:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:761:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:788:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:812:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:829:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:846:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:863:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:881:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:897:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:913:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:929:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:946:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:963:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:980:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:997:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1015:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1032:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1050:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1067:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1085:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1101:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1118:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1134:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1151:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1169:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1189:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1207:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1441:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(test_istream.read(), std::logic_error);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1479:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(strbuf.getc().get(), std::invalid_argument);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1523:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto t1 = inStream.read(targetBuf, 4);
data/cpprest-2.10.16/Release/tests/functional/streams/istream_tests.cpp:1537:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(inStream.read(targetBuf, 1).get(), std::runtime_error);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:334:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto c = rbuf.getc().get();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:339:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(c, rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:345:60: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(StreamBufferType::traits::eof(), rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:435:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(c, rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:462:40: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(contents[1], rbuf.getc().get());
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:572:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(rwbuf.getc().get(), std::char_traits<char>::eof());
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1353:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto size = instream.read(buf1, count).get();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1379:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto size = instream.read(buf1, count).get();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1404:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto size = instream.read(buf1, count).get();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1429:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto size = instream.read(buf1, count).get();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1647:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.wait();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1651:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read.get() == len1 + len2)
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1729:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
VERIFY_ARE_EQUAL(len1, strlen((char*)buf1));
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1822:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
VERIFY_ARE_EQUAL(len1, strlen((char*)buf1));
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1862:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = strlen(&text[0]);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1867:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(&text[0]);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1924:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = strlen(&text[0]);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:1929:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(&text[0]);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2210:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(rwbuf.getc().get(), MyException);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2218:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(rwbuf.getc().get(), MyException);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2244:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(rwbuf.getc().get(), MyException);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2253:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_THROWS(rwbuf.getc().get(), MyException);
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2458:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(sourceBuf.getc().get(), 'a');
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2472:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto t2 = istream.read();
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2492:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(sourceBuf.getc().get(), 'a');
data/cpprest-2.10.16/Release/tests/functional/streams/memstream_tests.cpp:2506:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto t2 = istream.read();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:205:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(is.read().get(), 'a');
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:206:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(is.read().get(), 'b');
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:224:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
is.read()
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:227:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return is.read();
data/cpprest-2.10.16/Release/tests/functional/streams/ostream_tests.cpp:287:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
istream.read().get();
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:90:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bios.write(text, strlen(text));
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:326:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ss.read(chars, sizeof(chars) - 1);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:327:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += strlen(chars);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:366:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ss.read(chars, sizeof(chars) - 1);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:367:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += strlen(chars);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:384:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char ch = (char)astream.read().get();
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:401:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(26, astream.read(txtbuf, 26).get());
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:408:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(0, astream.read(txtbuf, 26).get());
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:456:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)astream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:513:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)astream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:540:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL('A', (char)astream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:612:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(text);
data/cpprest-2.10.16/Release/tests/functional/streams/stdstream_tests.cpp:765:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inputStream.read(&tempBuf[0], tempBufSize);
data/cpprest-2.10.16/Release/tests/functional/streams/winrt_interop_tests.cpp:151:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(11, istream.read().get());
data/cpprest-2.10.16/Release/tests/functional/streams/winrt_interop_tests.cpp:180:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
VERIFY_ARE_EQUAL(11, istream.read().get());
data/cpprest-2.10.16/Release/tests/functional/websockets/utilities/test_websocket_server.h:113:29: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
VERIFY_IS_TRUE(std::equal(expected_data.begin(), expected_data.end(), data.begin()));
ANALYSIS SUMMARY:
Hits = 668
Lines analyzed = 104304 in approximately 5.42 seconds (19250 lines/second)
Physical Source Lines of Code (SLOC) = 70798
Hits@level = [0] 17 [1] 258 [2] 313 [3] 7 [4] 90 [5] 0
Hits@level+ = [0+] 685 [1+] 668 [2+] 410 [3+] 97 [4+] 90 [5+] 0
Hits/KSLOC@level+ = [0+] 9.67541 [1+] 9.43529 [2+] 5.79112 [3+] 1.3701 [4+] 1.27122 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.